FUTURE 

WATCH 


Can  computer  science  become  an  appeal¬ 
ing  career  choice  again?  Robot  dogs 
and  a  TV  show  would  help,  page  26 


KEEP  IT  CLEAN 

GM’s  Eric  Litt  says  ethical  security  researchers 
need  rewards  —  or  they  might  go  bad.  page  io 
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Health  IT  Czar’s  Abdication 
Won’t  Slow  E-records  Push 

Brailer  kick-started  program,  but  his 
successor  must  show  results,  users  say 


BY  HEATHER  HAVENSTEIN 

Users  from  the  health  care 
community  last  week  said  the 
resignation  of  the  point  man 
for  federal  health  IT  efforts 


shouldn’t  blunt  ongoing  moves 
to  adopt  electronic  medical 
records  nationally. 

But  they  stressed  that  who¬ 
ever  replaces  David  Brailer, 


who  resigned  as  national  coor¬ 
dinator  for  health  information 
technology  late  last  month, 
must  quickly  show  measurable 
progress  in  the  e-health  arena. 
The  next  coordinator  must 
also  foster  closer  collaboration 
between  the  government  and 
doctors,  users  said. 

President  Bush  appointed 
Brailer  in  May  2004  to  help 
lead  a  national  effort  to  replace 
paper-based  health  records 
with  electronic  medical  re¬ 
cords.  Health  care  IT  execs  said 
Brailer  was  a  high-profile  ad¬ 
vocate  of  EMRs  and  of  creating 
the  standards  and  infrastruc¬ 
ture  needed  to  exchange  them. 

John  Wade,  CIO  at  Saint 
Luke’s  Health  System  Inc.  in 
Kansas  City,  Mo.,  said  Brailer’s 
Health  Czar,  page  16 
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CA,  Sim 
Still  Looking 
For  Answers 


Kumar  admits  to 
accounting  fraud; 
CA  warns  of  poor 
financial  results 


Users  applaud 
choice  of  Schwartz 
as  Sun’s  CEO  but 
want  more  changes 


BY  KEN  MINOIS  AND 
MATT  HAMBLEN 


Sanjay  Kumar,  the  former 
chairman  and  CEO  of  what 
is  now  CA  Inc.,  pleaded 
guilty  to  securities  fraud, 
conspiracy  and  other 
charges  last  week,  closing 
the  book  on  a  key  chapter  in 
an  accounting  scandal  that 
the  software  vendor  is  still 
trying  to  put  behind  it. 

But  the  challenges  CA 
faces  as  it  tries  to  transform 
its  operations  and  fully  re¬ 
pair  its  relationships  with 
customers  were  highlighted 
by  a  warning  that  the  com¬ 
pany  will  report  lower-than- 
expected  financial  results 
for  the  quarter  that  ended 
March  31.  Although  CA  put 
CA,  page  16 


CAwill 
survive, 
but  it’s  definitely 
a  black  eye. 

STEVE  RUMMEL, 

VICE  PRESIDENT  OF  DATA 
SERVICES.  MAHER  TERMINALS 


BY  PATRICK  THIBODEAU 

Wall  Street  investors  aren’t 
the  only  group  looking  for 
some  tangible  improve¬ 
ments  from  new  Sun  Micro¬ 
systems  Inc.  CEO  Jonathan 
Schwartz,  who  took  over 
for  Sun 
co-founder 
Scott  Mc- 
Nealy  last 
week.  Users 
also  ticked 
off  a  list  of 
changes 
they  want 
Sun  to  make, 
although 
they  largely 
viewed  Schwartz’s  appoint¬ 
ment  as  a  sign  of  manage¬ 
ment  continuity  at  the 
company. 

Sam  Thomas,  informa¬ 
tion  systems  supervisor  for 
the  city  of  Oakland,  Calif., 
said  Sun  needs  to  make  its 
sales  organization  easier  for 
customers  like  him  to  work 
with.  The  city  uses  a  range 
of  Sun  systems  and  storage 
equipment,  but  Thomas 

Sun,  page  49 


SCHWARTZ 

says  he  will  do 
some  “prun¬ 
ing”  of  Sun’s 
operations. 


A  Global  Hotel  Company  Analyzing  1.4  Million  Records  a  Day. 

Running  On  Microsoft  SQL  Server  2005. 
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How  does  Hilton  forecast  demand  for  its  370,000  rooms  and  its  catering  services?  They 
import  data  from  six  systems  into  one  data  warehouse  requiring  7  million  rows,  and 
running  on  SQL  Server™  2005  with  99.98%  uptime.*  See  how  at  microsoft.com/bigdata 
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Getting  a  Grip  on  Virtual  Machines 

In  the  Technology  section:  As  the  use  of  virtual  ma¬ 
chines  proliferates  in  many  companies,  that  growth 
is  getting  ahead  of  the  tools  available  to  manage 
them.  Page  23 


05.01.06 


Squeezing  Dollars  From  Maintenance 

In  the  Management  section:  Savvy  IT  execs  are  going 
beyond  rote  hardware  and  software  consolidations  to 
reduce  IT  maintenance  and  operations  costs  and  liberate 
additional  capital  for  discretionary  projects.  Page  40 


NEWS 

6  Interop:  Cisco  plans  to  detail  add¬ 
on  products  that  could  double 
or  even  triple  the  performance  of 
its  7200  Series  routers. 

IBM  adds  a  low-cost  mainframe 
for  midsize  companies,  mar¬ 
kets  such  as  China  and  —  maybe 
—  users  of  its  i5  midrange  line. 


TECHNOLOGY 

Future  Watch:  Computer 
Science  Looks  for  a  Remake. 

Six  computer  science  professors 
discuss  how  IT  can  regain  its  ap¬ 
peal  as  a  career  choice,  why  col¬ 
lege  computer  science  programs 
must  sharpen  their  focus  on  users 
of  technology  and  what  will  hap¬ 
pen  when  Moore’s  Law  ends. 


7  Large  companies  are  starting, 
after  years  of  talk,  to  roll  busi¬ 
ness  intelligence  capabilities  out 
to  large  numbers  of  users  and  to 
customers  and  suppliers. 

7  The  GSA  is  looking  at  creating 
a  shared  infrastructure  to  help 
federal  agencies  meet  an  October 
deadline  for  issuing  smart  ID 
cards  to  workers  and  contractors. 


W  Microsoft  bolsters  its  line  of 
management  tools.  But  some 
attendees  at  the  Microsoft  Man¬ 
agement  Summit  say  they  hoped 
to  hear  more  about  its  plans  for 
making  systems  self-managing. 

MQ&A:  GM’s  Eric  Litt  explains 
how  he  deals  with  software 
flaws  and  security  researchers. 


<|ft  Oracle  extends  support  for  its 
Ifa  World  applications,  but  users 
say  more  help  is  needed  to  over¬ 
come  years  of  uncertainty  about 
the  future  of  the  software. 


;  4  Global  Dispatches:  A  U.K.  con- 
rt  sumer  group  urges  citizens  to 
renew  their  passports  now  in  an 
attempt  to  foil  the  government’s 
plan  to  issue  national  ID  cards. 


Q&A:  Hyperion  CEO  Godfrey 
Sullivan  discusses  corporate 
governance  issues  and  the  H-1B 
visa  controversy. 


I  Geek’s  Garden. 

(This  week’s 
stroll  through  the 
technology  land¬ 
scape  examines 
avian  flu,  single¬ 
molecule  electron¬ 
ics  and  Grace  Hopper’s  role  in  the 
development  of  compilers. 

QQ  Security  Manager’s  Journal:  Of 
Ufa  Laptops,  Caffeine,  Nicotine  and 
Chocolate.  Laptop  security  con¬ 
cerns  give  C.J.  Kelly  a  headache 
that  M&Ms,  lattes,  allergy  medi¬ 
cine  and  even  nicotine  can’t  cure. 

MANAGEMENT 

Q7  Saving  Face  in  China.  The 

VI  cultural  tendency  in  Chi¬ 
nese  businesses  to  avoid  the 
embarrassment  of  bad  news  can 
help  turn  minor  problems  into 
full-blown  crises,  especially  for 
Western  business  partners.  Those 
in  the  know  say  one  way  of  ad¬ 
dressing  the  issue  is  to  have  good 
technology  in  place  to  automate 
reporting  functions. 

«  Career  Watch.  The  need  for  IT 
marketing  skills  is  on  the  rise; 
the  best  high-tech  job  markets 
may  not  be  in  the  locales  with  the 
most  overall  job  growth;  and  IT 
workers’  confidence  reaches  giddy 
heights. 


OPINIONS 

8  On  the  Mark:  Mark  Hall  reports 
on  two  approaches  to  network 
access  control. 


MDon  Tennant  says  former  CA 
CEO  Sanjay  Kumar’s  guilty 
plea  is  a  reminder  of  the  need  for 
a  firm  set  of  corporate  checks  and 
balances  to  avoid  the  sort  of  trau¬ 
ma  CA  has  suffered  recently. 

All  Michael  H.  Hugos  sends  in  the 
faU  Agility  Corps  to  wrestle  an 
acquisition’s  systems  into  shape. 


G4  V.P.  Kochikar  believes  that  get- 
fa  I  ting  project  teams  to  avoid 
giving  customers  nasty  surprises 
means  stepping  back  from  the  ma¬ 
cho  culture  of  crisis  management. 


MMark  Willoughby  says  that 
those  who  are  worried  about 
RFID  security  are  losing  sight  of 
how  the  technology  is  really  used. 


M  i  Paul  Glen  has  noticed  that 
HrHr  IT  managers  often  miss  op¬ 
portunities  for  valuable  peer-to- 
peer  learning.  He  suggests  ways 
to  build  an  environment  where 
educational  interactions  with  col¬ 
leagues  are  more  likely  to  happen. 


C II  Frankly  Speaking:  Frank  Hayes 

lIU  looks  beyond  the  misleading 
headlines  about  a  judge’s  ruling 
on  the  rights  of  Web  surfers  and 
finds  that  the  case  offers  a  lesson 


to  IT  managers. 
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The  Realities  of  Risk 

SECURITY:  Spies  Among  Us  author  Ira 
Winkler  joins  the  Computerworld.com 
stable  of  columnists.  This  week:  Do  you 
really  understand  how  to  manage  risk? 
www.computerworld.com/security 

Installing  a  Linux  Sniffer 

NETWORKING:  In  Part  2  of  his  tutorial, 
networking  pro  Greg  Schaffer  explains 
how  to  install  a  sniffer  package  on  your 
dirt-cheap  Linux  network  analyzer. 
www.computerworld.com/networking 

Never  Be  Lost  Again 

MOBILE/WIRELESS:  Columnist  Craig  J.  Mathias 
examines  WLAN  location  and  tracking  sys¬ 
tems  and  how  they  compare  with  the  more 
popular  GPS.  www.computerworld.com/mobile 


QuickPoll  Results 


Do  IT  managers  want  to  recruit  baby 
boomers  seeking  a  career  change? 


No,  they’d 
rather  get 
someone 
younger  and 
cheaper.  — 


Is  there  anyone  still 
recruiting  instead 
of  outsourcing? 


they  value 


©  Take  this  week's  QuickPoll  at  wm.computerworld.com. 


SOURCE:  COMPUTERWORLD  NONSCIENTIFIC  SURVEY:  434  VOTES. 
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MEET  THE  FOREST 


(SAY  GOODBYE  TO  THE  TREES) 


Introducing  Intel®  vPro™  technology. 

It's  the  most  exciting  leap  in  business  desktop 
computing  since  the  introduction  of  the  Intel 
Pentium  processor  over  a  decade  ago. 

The  new  Intel  vPro  technology  is  much  more 
than  just  a  new  processor. 

It's  a  remarkable  combination  of  new  technology 
that  is  optimized  for  business.  Just  about  every 
repetitive  task  (installing  software,  upgrading 
licenses,  running  diagnostics)  is  made  more 
simple  and  more  efficient. 

Pro  Security. 

Intel  vPro  technology  is  optimized  to  provide 
additional  security  at  the  hardware  level  of 
your  desktop  PC.  Now  users  can't  unknowingly 
(or  even  knowingly)  disable  security  features. 

In  fact,  Intel  vPro  technology  can  even  isolate 
infected  PCs  from  the  rest  of  the  network  so 
your  company  can  stay  online  and  productive. 

Pro  Savings. 

Seventy-five  percent  of  all  IT  budgets  is 
spent  on  maintenance  and  integration  costs. 
Intel  vPro  technology  enables  third-party 


software  solutions  to  manage,  secure  and 
inventory  your  PCs  regardless  of  power  state 
or  the  health  of  the  OS.  Saving  you  time 
and  money. 

Pro  Performance. 

How  is  this  possible?  These  benefits  all 
run  on  dual-core  technology  that  enables  a 
responsive  end-user  experience.  Even  with 
your  security  and  management  tasks  running 
in  the  background. 

Now  your  network  of  PCs  can  actually  report 
where  they  are,  what  they're  doing  and  how 
they're  feeling. 

Intel  vPro  technology  is  a  desktop  architecture 
that  is  designed  to  add  functionality,  security 
and  manageability  to  the  solutions  and 
equipment  you  already  have  installed. 

Be  Pro  Active.  Go  Pro. 

^ You'll  be  reading  and  hearing  more 
(Intel/  about  Intel  vPro  technology  in  the 
v  next  few  weeks  and  months.  You 
vPro  can  find  detailed  information  on  how 
new  Intel  vPro  technology  will  help 
your  company  or  organization  at  intel.com. 
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AT  DEADLINE 


Intel  Plans  to  Cut 
Costs,  Workers 

Intel  Corp.  expects  a  3%  drop 
in  revenue  for  2006  and  is  plan¬ 
ning  a  reorganization  that  could 
include  layoffs  over  the  next 
90  days.  Intel  is  projecting  that 
profits  will  drop  from  $12.1  billion 
in  2005  to  $9.3  billion  in  2006. 
The  projection  comes  after  disap¬ 
pointing  first-quarter  results. 


EC,  Microsoft  Battle 
In  Antitrust  Appeal 

Microsoft  Corp.  violated  antitrust 
law  to  “double-lock”  a  virtual 
monopoly  it  holds  on  PC  operat¬ 
ing  systems,  a  European  Com¬ 
mission  lawyer  argued  during  a 
weeklong  court  session  to  debate 
Microsoft’s  challenge  to  the  EC’s 
antitrust  ruling.  A  Microsoft  law¬ 
yer  countered  that  the  sanctions 
the  EC  imposed  in  its  2004  anti¬ 
trust  decision  would  imperil  the 
software  company’s  intellectual 
property. 


CA  Unveils  Free 
Database  Tool  Set 

CA  Inc.  this  fall  will  ship  a  Uni¬ 
center  Database  Command  Cen¬ 
ter  tool  designed  to  help  adminis¬ 
trators  simplify  the  management 
of  multiple  databases  running  on 
different  platforms.  The  browser- 
based  tool  provides  an  integrated 
user  interface  for  the  IBM  DB2, 
Oracle  and  Ingres  databases. 


Microsoft  Profits 
Miss  Expectations 

New-product  sales  helped  Micro¬ 
soft’s  third-quarter  revenue  grow 
by  13%  over  the  year-earlier 
period,  though  profits  slightly 
missed  analyst  estimates.  The 
company  said  sales  of  new  prod¬ 
ucts  such  as  SQL  Server  2005 
and  Microsoft  Dynamics  enter¬ 
prise  applications  were  strong. 


Networking  Vendors  Take 
Upgrade  Route  at  Interop 


Product  announcements  focus  on 
performance,  security  improvements 


BY  MATT  HAMBLEN 

T  INTEROP  Las  Ve¬ 
gas  2006  today,  Cis¬ 
co  Systems  Inc.  will 
announce  three  add¬ 
on  products  that  it  said  could 
triple  the  performance  of  its 
popular  7200  Series  routers. 

Cisco’s  announcement  is 
one  of  dozens  being  made 
at  Interop  by  networking 
vendors,  many  of  which  plan 
to  boost  the  performance  or 
security  of  existing  technolo¬ 
gies.  For  example,  Citrix  Sys¬ 
tems  Inc.  intends  to  unveil  the 
NetScaler  12000,  a  high-end 
addition  to  its  line  of  applica¬ 
tion  acceleration  appliances. 

The  products  that  Cisco  is 
adding  include  a  processing 
engine  called  the  NPE-G2, 
which  doubles  the  7200’s  rout¬ 
ing  performance  to  2  million 
packets  per  second,  said  Stefan 
Dyckerhoff,  the  company’s  di¬ 
rector  of  midrange  routing. 

Cisco  also  intends  to  an¬ 
nounce  a  virtual  private  net¬ 


work  services  adapter  and  a 
device  that  lets  users  add  a 
seventh  port  adapter  to  their 
routers.  Dyckerhoff  said  the 
VPN  adapter,  together  with 
the  NPE-G2  engine,  could 
triple  the  throughput  of  the 
7200s,  which  are  widely  used 
as  WAN  aggregation  routers. 

Wachovia  Corp.  will  install 
the  NPE-G2  on  120  existing 
7200s  when  the  new  processor 
becomes  available  this  month, 
said  John  Burns,  vice  president 
of  network  services  at  the 
Charlotte,  N.C.-based  financial 
services  firm.  Because  he  can 
use  the  7200  chassis  he  al¬ 
ready  has  in  place,  Burns  said 
he  expects  to  save  “at  least 
several  million  dollars  over 
moving  to  a  new  platform.” 

Burns  beta-tested  the  NPE- 
G2  from  December  to  March 
and  found  that  it  can  support  a 
mix  of  voice-over-IP  and  data 
traffic  with  full  quality-of- 
service  capabilities  —  some¬ 
thing  that  the  7200’s  current 


processing  engine  can’t  han¬ 
dle.  He  said  he  will  also  use 
the  new  engine’s  added  capac¬ 
ity  to  support  data  encryption 
on  Wachovia’s  networks. 

Joel  Conover,  an  analyst 
at  Current  Analysis  Inc.  in 
Sterling,  Va.,  said  Cisco  al¬ 
most  completely  dominates 
the  market  for  aggregation 
routing,  with  a  market  share 


Router  Upgrade 


Cisco  is  announcing  the 
following  add-ons  for  its 
7200  Series  routers: 

■  NPE-G2  processing 
engine,  which  fits  in  existing 
7200  chassis  and  doubles 
routing  performance.  Priced  at 
$19,000;  available  this  month. 

■  VPN  service  adapter  for 

accelerating  the  transmission  of 
VPN  data  via  the  IPsec  protocol. 
Priced  at  $15,000;  available  in 

this  year's  second  half. 

.  . . . 

■  Port  adapter  jacket  card 

for  increasing  the  number  of 
port  adapters  on  a  7200  from 
six  to  seven.  Priced  at  $1,250; 
available  now. 


IBM  Unveils  Mainframes  Starting  at  $100,000 


BY  PATRICK  THIBODEAU 

IBM  never  talks  publicly 
about  the  price  of  its  high-end 
mainframes,  which  can  cost 
millions  of  dollars.  But  when 
it  announced  a  new  low-end 
model  last  week,  the  system’s 
$100,000  starting  price  was  a 
featured  attraction. 

IBM  hopes  that  price  will 
draw  new  users  to  the  main¬ 
frame,  especially  in  develop¬ 
ing  countries  such  as  China, 
where  the  announcement  was 
made.  But  there’s  another 
group  of  customers  that  also 
may  consider  switching  its 
allegiances:  users  of  IBM’s 
System  i5  midrange  line. 

Gregory  Martin,  IT  man¬ 
ager  for  integration  and  tech¬ 
nical  architecture  at  Royal  Ca¬ 
ribbean  Cruises  Ltd.  in  Miami, 


is  an  i5  user.  He  said  the  big 
reason  why  Royal  Caribbean 
didn’t  consider  buying  a  main¬ 
frame  previously  was  the  cost 
of  the  technology. 

But  the  new,  lower-cost  of¬ 
fering,  called  the  System  z9 
Business  Class,  “is  something 
that  we  would  definitely  want 
to  take  a  look  at,”  Martin  said. 
“It  may  eat  into,  to  some  de¬ 
gree,  that  [i5]  world.”  One  of 
the  things  he  likes  about  the 
idea  of  using  a  mainframe,  he 
added,  is  its  ability  to  support 
multiple  databases,  such  as 
Oracle  installations.  The  i5 
supports  only  IBM’s  DB2. 

IBM  has  been  offering  a 
$200,000  mainframe  called 
the  z890  for  two  years.  But 
unlike  that  system,  the  new 
model  is  based  on  the  same 


technology  as  the  company’s 
high-end  machines,  which  are 
being  renamed  the  System  z9 
Enterprise  Class. 

The  Business  Class  and 
Enterprise  Class  systems 
share  many  of  the  same  char¬ 
acteristics,  including  security 
features  and  support  for  spe¬ 
cialty  processors,  such  as  a 
device  announced  last  week 
that’s  designed  to  run  business 
intelligence,  ERP  and  CRM 
workloads.  IBM  said  that  the 
low-cost  machine  can  also 
be  upgraded  to  an  Enterprise 
Class  configuration. 

Learning  Curve 

Last  year,  Mark  Shackelford, 
IT  director  at  Baldor  Electric 
Co.  in  Forth  Smith,  Ark.,  con¬ 
solidated  three  mainframes 


of  about  90%.  But  without  the 
performance  improvements 
being  made  to  the  7200  line 
this  week,  “Cisco  would  have 
been  inviting  competitors  to 
come  in  and  offer  an  alterna¬ 
tive,”  Conover  said. 

He  added  that  similar  im¬ 
provements  are  needed  on  Cis¬ 
co’s  line  of  integrated  services 
routers,  an  even  more  popular 
offering  that  provides  data, 
voice  and  security  services. 

Wes  Wasson,  vice  president 
of  worldwide  marketing  at 
Fort  Lauderdale,  Fla.-based 
Citrix,  said  the  NetScaler 
12000  will  support  275,000 
application  transactions  per 
second,  up  from  230,000  in  the 
company’s  current  NetScaler 
10000  model.  The  12000  will 
sell  for  $95,000,  complete  with 
software,  Wasson  said. 

Major  League  Baseball  plans 
to  test  and  probably  deploy  the 
NetScaler  12000  on  its  MLB.- 
com  Web  site  at  the  end  of  the 
current  baseball  season,  said 
Justin  Shaffer,  vice  president 
and  chief  architect  for  the  site. 

Shaffer  currently  uses  eight 
NetScaler  9950s  in  two  data 
centers  in  New  York  and  Chi¬ 
cago  to  improve  performance 
on  the  Web  site.  He  said  the 
12000  could  reduce  the  num¬ 
ber  of  required  machines,  free¬ 
ing  up  data  center  space  while 
adding  more  capacity.  » 


and  eight  IBM  Unix  servers 
onto  a  single  z990  mainframe. 
Shackelford  said  he  thinks 
the  System  z9  Business  Class 
model  would  be  “a  great  place 
to  start”  for  companies  that 
don’t  already  have  mainframe 
experience. 

“The  hard  part  of  getting 
nonmainframe  people  to  the 
platform  —  and  this  is  IBM’s 
biggest  challenge  —  is  the 
learning  curve,”  he  said.  “Peo¬ 
ple  just  don’t  understand  the 
architecture.  Once  you  learn  it, 
though,  you  find  it’s  a  lot  easier 
to  administer  than  a  Windows 
and  Unix  environment.” 

Shackelford  added  that, 
based  on  his  experience,  users 
moving  to  a  mainframe  should 
expect  it  to  take  six  months  to 
train  their  IT  staffs  and  about 
a  year  for  workers  to  achieve 
mainframe  proficiency.  * 
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Users  Embracing  ‘Bl  for  the  Masses’ 


Training,  easier 
interfaces  can 
foster  use  of  tools 

BY  HEATHER  HAVENSTEIN 

ORLANDO 

Several  users  at  Information 
Builders  Inc.’s  (IBI)  Summit 
2006  user  conference  here  last 
week  are  embracing  a  “BI  for 
the  masses”  philosophy  with 
new  projects  to  quickly  move 
business  intelligence  reports 
and  analysis  to  workers,  sup¬ 
pliers  and  customers. 

For  example,  Rich  Pedott, 
vice  president  of  sourcing, 
planning  and  allocation  at 
Eastern  Mountain  Sports  Inc. 
in  Peterborough,  N.H.,  said 
his  company  is  testing  a  new 
system  that  promises  to  let 
customers  access  BI  data  from 
a  dashboard. 

“[The  dashboard]  provides 
you  a  very  cheap  way  to  do 
collaboration,”  Pedott  said. 
“You  are  no  longer  requiring 
your  supplier  or  your  vendor 
community  to  make  an  invest¬ 
ment  in  something  like  EDI. 
You  can  send  them  a  [custom¬ 
ized]  dashboard  that  is  rel¬ 
evant  just  to  them.  [Then]  they 
can  get  insights  and  help  drive 
your  business.” 

Pedott,  a  conference  at¬ 
tendee,  declined  to  provide 
more  details  about  the  project, 
contending  that  it  provides  a 
competitive  advantage  in  the 
retail  industry. 

IBI  last  week  announced 
that  it  has  integrated  its  Web- 
Focus  BI  tools  with  subsidiary 
iWay  Software  Inc.’s  middle¬ 
ware.  That  will  allow  users 
to  embed  analytics  into  user 
business  processes  using  Web 
services,  IBI  officials  said. 

E-mail  Access 

IBI  last  week  also  touted  its 
Active  Reports  tool,  which 
began  shipping  April  10,  as  a 
means  to  extend  BI  to  new  in¬ 
ternal  and  external  users.  The 
tool  allows  users  to  drill  down 
into  a  report  via  e-mail  as  if 
they  were  connected  directly 
to  a  BI  report  server. 

Since  December,  Air  Canada 


has  been  using  a  beta  version 
of  Active  Reports,  which  it 
hopes  can  be  used  to  provide 
reports  to  its  international 
sales  force,  said  Chantal 
Berthiaume,  manager  of 
marketing  intelligence  and 
information  delivery  at  the 
Montreal-based  airline. 

The  airline  may  also  use 
the  tool  to  provide  reports  to 
customers  —  something  the 
company  had  earlier  decided 
not  to  do,  she  said.  “There  is 
no  way  we  could  invest  in  the 
infrastructure,”  Berthiaume 
said.  “[Now]  we  would  just 
have  to  send  them  an  e-mail.” 

Rebecca  Price,  applications 
administrator  at  Dillard’s  Inc. 
in  Little  Rock,  Ark.,  said  she 
hopes  the  department  store 
chain  can  roll  out  Active  Re¬ 
ports  to  help  its  buyers  more 


easily  access  current  product 
sales  data  while  on  the  road. 

Price  said  Dillard’s  has  de¬ 
cided  to  extend  the  use  of  IBI’s 
WebFocus  tools  beyond  the 
accounting  department,  the 
company’s  only  current  user. 


NEW  PRODUCTS 


Information 
Builders  Inc. 

■  An  integrated  tool  incor¬ 
porating  the  WebFocus  BI  tools 
and  the  Web  services  designer 
tool  in  subsidiary  iWay  Soft¬ 
ware's  S0A  Middleware  suite. 

■  Power  Painter,  a  develop¬ 
ment  tool  designed  to  use 
Asynchronous  JavaScript  and 
XML  for  building  thin-client  BI 
applications  to  be  accessed  by 
a  large  number  of  users. 


Dan  Vesset,  an  analyst  at 
Framingham,  Mass.-based 
IDC,  said  operational  BI  — 
embedding  BI  in  the  business 
processes  used  by  front-line 
workers  —  is  becoming  more 
common  as  companies  seek 
tools  to  help  make  better  busi¬ 
ness  decisions. 

However,  he  and  several  us¬ 
ers  noted  that  companies  must 
also  make  sure  they  provide 
an  easy-to-use  interface. 

Robert  Richards,  director 
of  application  development  at 
Carlson  Hospitality  World¬ 
wide  Procurement  Group  Inc. 
in  Minnetonka,  Minn.,  said  op¬ 
erational  BI  applications  must 
be  as  easy  to  use  as  an  Internet 
search  engine.  “My  end  users 
have  difficulty  turning  on  the 
computer  [and]  with  the  con¬ 
cept  of  double-clicking  on  the 


October  deadline  required 
devices  such  as  PIV-compliant 
card  readers,  biometric  read¬ 
ers  and  physical  access- 
control  devices. 

The  National  Institute  of 
Standards  and  Technology  has 
created  a  set  of  conformance 
guidelines  for  vendors  of 
smart  cards  and  middleware 
technologies.  NIST  has  also 
established  test  laboratories 
where  vendors  of  smart-card 
technologies  can  get  products 
certified  for  conformance  with 
PIV  standards,  said  Curt  Bark¬ 
er,  a  NIST  program  manager. 

So  far,  only  two  vendors 
have  been  issued  compliance 


Milestones 

HOMELAND  SECURITY 
PRESIDENTIAL  DIRECTIVE  12 

Oct.  26,  2005: 

All  federal  agencies  are  required 
to  implement  background-check 
processes  to  verify  the  identities 
of  employees  and  contractors, 

Oct.  27,  2006:  . . 

Federal  agencies  must  start 
issuing  Personal  Identity 
Verification  smart  cards. 

FY  2007-FY  2008: 

Agencies  are  required  to 
complete  issuance  of  cards. 


mouse,”  Richards  said. 

Within  the  past  four  months, 
Carlson,  a  lessor  of  hotels, 
resorts  and  other  properties, 
has  rolled  out  WebFocus  dash¬ 
boards  to  its  hotels. 

Patrick  Yip,  a  director  at 
Pershing  LLC,  which  provides 
securities  clearing  and  settle¬ 
ment  services  to  institutional 
investors  and  investment 
advisers,  agreed  that  training 
is  key  to  any  effort  to  expand 
access  to  BI  tools. 

Pershing  requires  that  its  BI 
interfaces  be  as  easy  to  use  as 
hotel  reservation  sites. 

About  70,000  Pershing  us¬ 
ers  can  access  WebFocus  BI 
reports,  Yip  said.  This  year, 
he  added,  the  Jersey  City,  N.J.- 
based  company  plans  to  merge 
its  reporting  tools  with  an 
undisclosed  workflow  engine 
to  monitor  the  service  levels 
for  business  processes,  such  as 
the  time  it  takes  to  mail  checks 
to  customers.  ► 


certificates,  and  several  others 
are  going  through  the  process, 
he  said. 

“People  may  be  underesti¬ 
mating  the  logistical,  technical 
and  organizational  challenges” 
involved  in  rolling  out  the 
cards,  said  David  Troy,  prac¬ 
tice  manager  at  Plano,  Texas- 
based  Electronic  Data  Systems 
Corp. 

Even  when  PIV-compliant 
products  do  become  available, 
considerable  integration  work 
will  be  required,  said  Neville 
Pattison,  director  of  technol¬ 
ogy  and  government  affairs  at 
Axalto  Inc.,  a  smart-card  man¬ 
ufacturer  in  Austin.  “There’s  a 
lot  of  work  to  do  and  perhaps 
not  enough  time,”  he  said. 

Some  agencies  have  also 
been  forced  to  hustle  to  find 
funding  to  meet  the  require¬ 
ments  of  the  unfunded  pro¬ 
gram,  said  Manoj  Srivastava, 
CEO  of  Infomosaic  Inc.,  a 
Santa  Clara,  Calif.-based 
maker  of  a  workflow  software 
product  for  registering  indi¬ 
viduals  to  the  PIV  program. 

“Some  agencies  have  done 
nothing.  Some  have  done  a 
little,”  he  said.  “A  lot  of  them 
are  trying  to  do  the  minimum. 
There  really  is  no  money  to 
push  this  forward.”  ► 


Feds  Scrambling  to  Meet 
Looming  ID  Card  Deadline 


BY  JAIKUMAR  VIJAYAN 

The  U.S.  government  is  study¬ 
ing  whether  to  create  a  shared 
technology  and  services  infra¬ 
structure  to  help  agencies 
issue  new  Personal  Identity 
Verification  (PIV)  smart  cards 
to  all  employees  and  contrac¬ 
tors  beginning  in  October. 

Such  a  common  infrastruc¬ 
ture  would  make  it  easier 
and  cheaper  for  agencies  to 
enroll  and  register  people  in 
the  PIV  program,  said  David 
Temoshok,  director  for  iden¬ 
tity  policy  and  management 
at  the  U.S.  General  Services 
Administration.  The  GSA  and 
the  Office  of  Management  and 
Budget  are  undertaking  the 
study,  he  said. 

Federal  agencies  are  re¬ 
quired  to  distribute  smart 
cards  by  Oct.  27  under  Home¬ 
land  Security  Presidential 
Directive  12  (HSPD-12),  which 
was  issued  in  August  2004. 
The  directive  requires  that 
smart  cards  support  biometric 
identifiers. 

“If  we  can  put  a  common  in¬ 
frastructure  in  place  for  agen¬ 
cies  to  start  enrolling  and  reg¬ 


istering  individuals,  it  would 
be  a  huge  and  important  step” 
in  speeding  adoption  of  smart 
cards,  Temoshok  said. 

The  infrastructure  would 
include  common  services  for 
capturing  identity  and  bio¬ 
metric  information  and  the 
systems  needed  to  record  that 
information,  he  said. 

A  separate  GSA  executive 
steering  committee  is  study¬ 
ing  funding  and  governance 
issues  and  is  working  to  deter¬ 
mine  which  agencies  should 
be  responsible  for  overseeing 
a  shared  infrastructure,  said 
Temoshok.  Management  of  the 
infrastructure  could  be  out¬ 
sourced,  officials  said. 

More  Mandates 

HSPD-12  also  mandated  that 
federal  agencies  establish  proc¬ 
esses  for  verifying  the  identi¬ 
ties  and  backgrounds  of  all 
federal  employees.  That  effort 
was  completed  last  October  as 
required  by  the  directive. 

The  government’s  explora¬ 
tion  of  a  shared  infrastructure 
comes  as  federal  agencies 
scramble  to  install  by  the 
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Bugs  Found  in 
Symantec  Tool 

Security  researchers  have  found 
three  bugs  in  Symantec  Corp.’s 
Scan  Engine  security  software. 
Attackers  could  exploit  the  flaws 
to  gain  control  of  the  Scan  En¬ 
gine  server  or  to  inappropriately 
gain  access  to  files.  Security 
firm  Rapid7  LLC  discovered  the 
bugs  and  said  the  most  serious 
ones  were  caused  by  a  funda¬ 
mental  design  flaw  in  the  prod¬ 
uct’s  authentication  mechanism. 
Symantec  urged  its  customers  to 
patch  the  vulnerabilities. 


RSA  Purchases 
PassMark  for  $44M 

RSA  Security  Inc.  has  acquired 
PassMark  Security  Inc.,  a  vendor 
of  lightweight  authentication 
technology,  for  $44.7  million  in 
cash  and  stock.  RSA  said  the 
acquisition  of  PassMark  will  help 
the  company  become  a  “strategic 
hub”  for  the  financial  services 
industry.  RSA  will  add  the  Pass- 
Mark  products  to  its  Adaptive 
Authentication  product  line. 


Microsoft  Unveils 
IE  7  Beta  Software 

Microsoft  Corp.  has  launched 
a  beta  version  of  its  Internet 
Explorer  7  browser,  emphasizing 
new  security  features  designed 
to  overcome  problems  that 
plagued  earlier  versions  of  the 
Web  browser.  The  new  version 
includes  a  phishing  filter,  which 
informs  users  if  they  are  visit¬ 
ing  known  phishing  sites.  The 
updated  browser  is  designed 
for  the  Windows  Vista  operating 
system. 


Jury  Awards  $306M 
To  Rambus  in  IP  Suit 

A  jury  found  that  Hynix  Semi¬ 
conductor  Inc.  infringed  on  a 
series  of  Rambus  Inc.  patents 
and  awarded  the  latter  company 
S3QS.5  million  in  damages.  The 
jury  in  U.S.  District  Court  for  the 
Northern  District  of  California 
found  that  Hynix  infringed  on 
all  10  Rambus  patent  claims  de¬ 
bated  in  the  trial.  Hynix  officials 
did  not  respond  to  a  request  for 
comment  on  the  ruling. 
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Getting  a  Knack 
For  NAC  Tools . . . 


. . .  that  help  keep  nefarious  programs  off  your  network 
can  be  a  gnarly  task  -  at  least  for  now.  Stacey  Lum,  CEO 
of  InfoExpress  Inc.  in  Mountain  View,  Calif.,  says  that 
effective  use  of  network  access  control  (NAC)  soft¬ 
ware  involves  no  small  amount  of  complex  configura¬ 
tion  work  on  the  part  of  IT.  And  security  appliances 


often  have  trouble  scaling  up 
to  meet  the  demands  of  large 
networks,  Lum  says.  But  that 
will  all  change  with  the  arriv¬ 
al  of  Dynamic  NAC  from  Info- 
Express  in  July, 
he  claims.  The 


software  runs 
on  the  com¬ 
pany’s  Cyber- 
Gatekeeper 
appliances,  and  agent  code  is 
distributed  across  corporate 
networks  to  endpoint  devices, 
primarily  PCs.  Some  trusted 
endpoints  can  be  designated 
as  “enforcers”  that  interro¬ 
gate  new  devices  attempting 
to  log  onto  your  network  to 
ensure  that  they  comply  with 
access  policies,  Lum  says. 
Systems  that  aren’t  compliant 
get  quarantined  until  Cyber- 
Gatekeeper  remediates  their 
shortcomings.  Stand-alone 
pricing  for  Dynamic  NAC 
starts  at  $49  per  endpoint. 


Vernier  says  its  EdgeWall  8800 
appliance  can  multitask. 


Across  town,  Vernier  Net¬ 
works  Inc.  is  taking  “a  full 
life-cycle  approach  to  access 
control,”  says  Rod  Murchison, 
the  company’s  vice  president 
of  market¬ 
ing.  Vernier’s 
appliances 
can  handle 
end-user  au¬ 
thentication  as 
well  as  endpoint  inspection, 
authorization  and  reme¬ 
diation.  (Lum  says  Dynamic 
NAC  won’t  authenticate 
users.)  Vernier’s  EdgeWall 
8800  appliance  goes  into  beta 
later  this  month,  with  general 
availability  expected  in  the 
fall.  The  $29,900  device  offers 
significant  performance  im¬ 
provements  over  the  current 
7000  model,  Murchison  says. 
For  example,  the  8800  can 
handle  data  rates  of  40Gbit/ 
sec.,  which  is  40  times  more 
than  the  7000  supports. 


Open-source 
dreamers  are . . . 


. . .  flocking  to  Oregon.  The 

state’s  official  slogan  is  “We 
love  dreamers,”  and  Oregon 
seems  to  be  attracting  plenty 
of  open-source  devotees  who 
dream  of  unseating  commer¬ 
cial  software 
inside  IT 
departments. 
Bob  Repine, 
director  of 
the  Oregon 
Economic  & 
Community 
Development 
Department  in  Salem,  says 
that  jobs  at  open-source  com¬ 
panies  pay  80%  more  than 
the  state’s  average  wage  of 
$35,000,  which  is  why  the 
government  is  backing  the  de¬ 
velopment  of  an  open-source 
business  “cluster”  within  the 
state’s  economy.  In  addition 
to  a  handful  of  open-source 
companies,  the  state  is  home 
to  Oregon  State  University’s 
Open  Source  Lab  in  Corvallis, 
which  hosts  the  mother  code 
for  Mozilla,  MySQL,  Apache 
and  the  holiest  of  open-source 
holies:  the  Linux  kernel. 
There’s  also  Beaverton-based 
Open  Source  Development 
Labs  Inc.,  where  Linus 
Torvalds,  the  high  priest  of 
Linux,  now  works.  State  of¬ 
ficials  estimate  that  the  open- 
source  cluster  will  create 
3,000  jobs  in  Oregon  by  2010. 


Jobs  related  to 
open-source  in 
Oregon  today, 
says  Oregon 
Innovation 
Council. 


Don’t  get  stuck  in 
the  middle  of . . . 


. . .  a  middleware  transaction. 

That’s  what’s  happening  to 
a  lot  of  applications,  claims 
Bob  Harmon,  CEO  of  Solstice 
Software  Inc.  in  Claymont, 
Del.  His  com¬ 
pany’s  Integra 
Enterprise 
Suite  does 
quality- 
assurance 
checks  on  how 
well  Tibco, 
MQSeries, 
WebMethods 


and  other  middleware  con¬ 
nectors  are,  well,  connecting 
various  parts  of  your  applica¬ 
tions.  Harmon  says  that  for 
IT  staffs,  the  arrival  of  ser¬ 
vice-oriented  architectures 
adds  another  “huge  mountain 
to  climb”  for  integration.  Sol¬ 
stice  will  start  adding  quality 
assurance  tools  for  Web  ser¬ 
vices  to  Integra  next  month. 
Pricing  for  the  software  starts 
at  $7,000  per  QA  staffer. 

Put  your  Notes 
on  a  stick . . . 

...  a  memory  stick,  that  is.  Or 

any  other  type  of  Universal 
Serial  Bus  storage  device,  for 
that  matter.  IBM  plans  to  give 
end  users  the  ability  to  store 
a  full  Notes  client  on  USB 
fobs  by  year’s  end,  says  Carl 
Kranzel,  a  senior  technical 
staff  member  and  IBM  master 
inventor.  Third-party  Notes 
apps  will  run  on  USB  flash 
devices  as 
well,  Kranzel 
says.  End 
users  won’t 
have  to  lug 
their  business 
laptops  between  work  and 
home  to  check  e-mail  any¬ 
more,  he  explains.  They  can 
simply  plug  the  USB-based 
client  into  their  home  PCs. 
The  software  will  even  work 
on  iPods,  Kranzel  says. 

Secure  messaging 
content  across . . . 

. . .  many  communications  pro¬ 
tocols  with  one  tool.  Andrew 
Graydon,  chief  technology 
officer  at  BorderWare  Tech¬ 
nologies  Inc.  in  Mississauga, 
Ontario,  says  the  MXtreme 
Infinity  software  that  his 
company  plans  to  ship  late 
this  summer  will  enable  IT  to 
apply  content  policies  across 
e-mail,  instant  messaging, 
Web  and  even  voice-over-IP 
protocols  via  a  single  admin¬ 
istrative  console.  It  even  has 
an  “objectionable  content 
filter”  —  which  Graydon  help¬ 
fully  suggests  that  you  should 
review  in  private. » 


Notes  user 
sites,  says  IBM 
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Users  Seek  More  Info  on 
Microsoft’s  Model  Plan 

Exec  defends  company’s  progress 
on  management  tools  strategy 


BY  ERIC  LAI 

SAN  DIEGO 

ICROSOFT  CORP. 
last  week  took 
several  steps 
designed  to  bol¬ 
ster  its  System  Center  line  of 
management  tools.  But  some 
attendees  at  the  Microsoft 
Management  Summit  here 
said  they  were  disappointed 
by  the  lack  of  new  information 
about  the  company’s  Dynamic 
Systems  Initiative. 

DSI  is  Microsoft’s  over¬ 
arching  strategy  for  making 
systems  more  self-managing 
through  the  use  of  software 
models  in  which  IT  staffs 
can  capture  data  about  their 
computing  environments.  The 
System  Center  products,  in¬ 
cluding  Systems  Management 
Server  (SMS)  and  Microsoft 
Operations  Manager,  are  also 


key  components  of  DSI. 

But  the  System  Center  an¬ 
nouncements  made  at  last 
week’s  conference  were  “more 
tactical  than  strategic,”  said  a 
systems  engineer  who  asked 
not  to  be  identified.  “In  six 
months.  I’m  going  to  have  to 
think  about  how  to  implement 
these  tools.  What  I  got  was 
very  much  an  appetizer.  What 
I  needed  was  a  full  entree.” 

“Some  of  the  features  they 
showed  were  nice,  but  I  was 
looking  for  more  architect- 
scale  news,”  said  another  at¬ 
tendee  who  also  didn’t  want  to 
be  identified. 

In  an  interview,  Bob  Muglia, 
senior  vice  president  of  Micro¬ 
soft’s  server  and  tools  busi¬ 
ness,  said  that  the  company 
shipped  the  first  design-side 
version  of  its  System  Defini¬ 
tion  Model  (SDM)  as  part  of 


the  Visual  Studio  2005  Team 
System  development  tool  set 
released  last  fall.  SDM  is  the 
technology  that  can  be  used  to 
create  models  as  part  of  DSI. 

Muglia  also  pointed  to  Dis¬ 
tributed  Management  Task 
Force  Inc.’s  announcement  last 
week  that  it  had  accepted  the 
Web  Services  for  Management 
specification  as  a  preliminary 
standard.  Microsoft  was  one 
of  the  development  leaders 
on  WS-Management,  which  it 
views  as  a  key  element  of  DSI, 
because  the  standard  will  help 
ease  interoperability  between 
Microsoft’s  tools  and  software 
from  other  vendors. 

“We  announced  DSI  three 
years  ago,  and  since  then, 
we’ve  kept  on  driving  forward 
and  filling  in  the  blanks,”  Mug¬ 
lia  said. 

System  Center  competes 
with  product  suites  such  as 
Hewlett-Packard  Co.’s  Open- 
View,  IBM’s  Tivoli  and  CA 
Inc.’s  Unicenter.  At  last  week’s 


conference,  Microsoft  an¬ 
nounced  Service  Desk  2007,  a 
help  desk  application  that  cur¬ 
rently  is  in  beta  testing.  It  also 
showed  off  features  that  will 
be  in  the  upcoming  Version  4 
of  SMS,  including  support  for 
Microsoft’s  Network  Access 
Protection  technology. 

The  NAP  tools  will  be  able 
to  check  PCs  running  Win¬ 
dows  Vista  to  see  if  they  have 
the  latest  security  updates.  If 
not,  SMS  will  prevent  them 
from  accessing  a  corporate 
network  until  the  required 
updates  are  installed  and  will 
notify  users  about  their  status 
via  pop-up  messages. 

“You  can  patch  all  day,  but 
what  happens  when  a  user 
logs  in  before  getting  the  latest 
updates?”  said  Bryan  Henson, 
a  senior  systems  engineer  at 
Pioneer  Natural  Resources  Co. 
in  Irving,  Texas.  The  oil  and 
gas  company  uses  SMS  2003 
to  manage  1,600  PCs  and  400 
servers  worldwide.  Henson 
said  NAP  is  a  feature  that  Pio¬ 
neer  “had  been  asking  Micro¬ 
soft  for  for  a  long  time.” 

Service  Desk  2007  will  give 
help  desk  staffers  a  single  view 
for  tracking  trouble  tickets. 
“The  first  version  won’t  have 


Software  Schedule 


Microsoft’s  System  Center 
development  road  map 

JUNE  2006** 

■  Second  beta  of  SMS  Ver¬ 
sion  4,  which  is  being  renamed 
System  Center  Configuration 
Manager  2007 

■  First  public  beta  of  Microsoft 
Operations  Manager  upgrade, 
to  be  called  System  Center 
Operations  Manager  2007 

SECOND  HALF  OF  THIS  YEAR 

■  Commercial  release  of 
Operations  Manager  2007 

FIRST  HALF  OF  2007 

■  Shipment  of  Configuration 
Manager  2007  and  a  virtualiza¬ 
tion  management  tool  code- 
named  Carmine 


SECOND  HALF  OF  2007 

■  Expected  time  frame  for 
deliveries  of  Service  Desk  2007 
and  Release  2  of  Operations 
Manager  2007 

all  the  cool  features  you’ll 
want,  but  I  think  the  product 
will  be  good  enough  that  I’d 
give  a  serious  look  at  the  beta,” 
said  Dan  Twing,  an  analyst  at 
Enterprise  Management  Asso¬ 
ciates  in  Boulder,  Colo.  * 


GM  Security  Chief  Gives  Hackers  a  Lesson 


BY  JAIKUMAR  VIJAYAN 

General  Motors  Corp.’s  chief  in¬ 
formation  security  officer,  Eric 
Litt,  used  the  chance  to  speak  at 
the  European  Black  Hat  Con¬ 
vention  in  Amsterdam 
earlier  this  year  to  reach 
out  to  the  hacker  com¬ 
munity  and  explain  the 
problems  large  corpora¬ 
tions  face  when  dealing 
with  software  vulner¬ 
abilities.  He  discussed 
security  issues  in  an 
interview  with  Comput- 
erworld  last  week. 

What  are  responsible  vulner¬ 
ability  disclosure  and  remediation 

practices?  I  broke  the  problem 
into  a  bunch  of  different  view¬ 
points  when  I  did  the  Black 
Hat  thing.  If  you  take  a  look 
at  the  exploiter’s  view  of  the 
world,  what  motivates  them? 
Fame,  fortune,  curiosity  and 
creativity.  They  want  atten¬ 


tion,  they  want  money.  If  you 
look  at  the  ethical  researchers’ 
world,  they  are  motivated  by 
the  same  things.  The  differ¬ 
entiator  is  what  they  do  with 
the  information.  So 
as  the  CISO  of  a  large 
company,  don’t  I  want 
things  to  be  discovered? 
Absolutely,  because  I 
want  to  make  sure  vul¬ 
nerabilities  are  plugged. 
I  want  people  to  be 
rewarded  for  the  work 
they  have  done.  If  they 
are  not  rewarded  on  the 
clean  side,  they’ll  be  re¬ 
warded  on  the  dirty  side. 

How  should  bugs  be  disclosed? 

Suppose  there’s  a  vulnerability 
in  some  platform  and  you  go 
tell  the  world  about  it.  Some 
researchers  would  say  that’s 
exactly  what  you  should  [do], 
because  otherwise  the  vendor 
won’t  address  it.  I  say,  “You 


are  telling  people  how  I  can 
be  compromised,  and  that’s 
a  big  problem.”  [On  the  other 
hand],  you  discover  something 
and  you  tell  vendor  XYZ  that 
there’s  a  vulnerability  in  their 
product  and  they  do  noth¬ 
ing  for  200  days.  We  haven’t 
created  between  the  vendor, 
the  ethical  researcher  and 
the  business  consumer  an 
environment  that  we  can  all 
benefit  from.  It  is  doable,  but 
I’m  not  sure  anybody  is  really 
taking  on  that  challenge. 

How  should  vendors  respond  to 
vulnerabilities  found  in  their  prod¬ 
ucts?  In  an  ideal  world,  there 
wouldn’t  be  any  vulnerabili¬ 
ties  and  they  wouldn’t  have 
to  disclose  anything.  But  that 
is  not  the  real  world.  Really 
critical  vulnerabilities  must  be 
plugged  immediately.  On  the 
other  hand,  what  is  critical?  I 
think  what  you  are  seeing  in 


the  industry  today  is  that  most 
of  the  vendors  are  trying  to  be 
very  conservative  in  their  rat¬ 
ings  of  vulnerabilities.  What 
they  are  really  trying  to  do  is 
limit  the  exposure  that  gets 
generated  from  them  having 
had  a  vulnerability. 

What  is  the  ideal  vendor  response? 

It’s  very  context-dependent.  In 
my  position,  of  course,  I’d  like 
to  know  everything  [relating 
to  a  vulnerability].  But  is  that 
reasonable?  I  think  enough  in¬ 
formation  should  be  released 
so  that  people  can  make  a 
reasonable  assessment  of  how 
vulnerable  they  are.  But  we 
don’t  want  to  provide  infor¬ 
mation  that  helps  unethical 
people  compromise  systems 
before  issues  can  be  addressed. 

How  do  you  respond  to  disclosure 
of  bugs?  We  don’t  continuously 
want  to  have  our  environment 
in  turmoil  from  being  forced 
to  constantly  patch  and  patch 


in  rapid  fashion  without  hav¬ 
ing  the  ability  to  validate  that 
these  patches  are  not  going  to 
hurt  us.  We  need  to  have  time 
to  do  due  diligence. 

Microsoft  has  drawn  a  lot  of  criti¬ 
cism  for  its  security  failures.  How 
do  the  other  major  vendors  com¬ 
pare?  I  think  Microsoft  is  an 
easy  target.  You  can  complain 
about  Microsoft  all  you  want, 
but  you  also  have  to  recognize 
they  have  made  significant 
investments,  and  I  think  they 
have  made  significant  prog¬ 
ress.  They  are  still  not  where 
we  want  them  to  be,  but  they 
are  significantly  better.  Then 
you  start  looking  at  the  other 
people  and  say,  “What  kind  of 
a  job  are  they  doing?”  There 
was  one  who  released  82  or 
83  patches  very  recently.  So 
Microsoft  is  not  the  only  one 
with  this  problem.  Quite 
frankly,  I  think  some  other 
vendors  are  in  denial.  They 
worry  me  the  most. » 


Have  You  Unlocked  the  True 
Value  of  Business  Intelligence? 

Computerworld’s  IT  Management  Summit  Can  Show  You  How 


Why  do  some  companies  thrive  and  prosper  by 
leveraging  business  intelligence,  while  others  can't 
seem  to  find  the  value?  In  today’s  competitive 
marketplace,  maximizing  business  performance 
can  be  directly  related  to  understanding  how  to 
unlock  the  potential  of  business  intelligence.  And 
understanding  this  potential  can  be  learned  by 
simply  seeing  how  others  have  succeeded. 


May  10,  2006  •  Chicago,  Illinois 

Metropolitan  Club  •  Oak  Room  •  Sears  Tower,  66th  Floor 


Unlocking  the  Value  of  Business  Intelligence: 

Keys  to  Maximizing  Business  Performance 


8:00am  to  8:30am  Registration  and  Networking  Breakfast 


8:30am  to  8:40am 


8:40am  to  9:20am 


9:20am  to  1 0:00am 


Introduction  and  Overview 

Ron  Milton,  Executive  Vice  President,  Computerworld 

Business  Intelligence  Best  Practice  and  Technology  Overview 

Bill  Hostmann,  featured  Research  Vice  President,  Gartner 

Competing  on  Analytics 

Thomas  Davenport,  President's  Distinguished  Professor  of 
Information  Technology  and  Management,  Babson  College 


10:00am  to  10:15am  Refreshment  and  Networking  Break 


1 0:1 5am  to  1 0:50am 
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Using  Technology  to  Get  Better  Answers  Faster 

Keith  Collins,  Senior  Vice  President  and  Chief  Technology  Officer, 


SAS 


10:50am  to  1 1 :25am  Hfllj  The  Top  Ten  Success  Factors  in  Business  Intelligence 

Gregory  McMillan,  Senior  Manager,  IT  Systems, 

ByH  Ford  Motor  Company 


Apply  to  attend  Computerworld’s  complimentary*  1 1 :25am  to  Noon 

half-day  IT  Management  Summit:  Unlocking  the 
Value  of  Business  Intelligence:  Keys  to 

Maximizing  Business  Performance.  Noon 

*  Complimentary  registration  is  restricted  to  qualified 
IT  directors  and  managers  only. 


Bl  at  Pfizer:  A  Case  Study 

11!®  Danny  Siegel,  Director,  Human  Health  Information  Technology, 
liSHk!  Pfizer  Global  Pharmaceuticals  Division,  Pfizer,  Inc. 

Optional  Luncheon  and  Presentation 

Bill  Hostmann,  featured  Research  Vice  President,  Gartner 


Apply  for  registration  today 

Contact  Jean  Lee  at  888-299-01 55 
or  visit:  www.itmanagementsummit.com 


••• 

•  •  •  •  • 


COMPUTERWORLD 

IT  MANAGEMENT  SUMMIT 


BUSINESS  INTELLIGENCE 


Exclusively  sponsored  by 


5sas 

The  Power  to  Know. 


SAS  and  all  other  SAS  Institute  Inc.  product  or  service  names  are  registered  trademarks  or  trade¬ 
marks  of  SAS  Institute  Inc.  in  the  USA  and  other  countries.  (§)  indicates  USA  registration.  Other 
brand  and  product  names  are  trademarks  of  their  respective  companies.  Intel  and  the  Intel  logo  are 
trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  United  States  and 
other  countries. 


l!  COMPUTERWORLD  May  1,2006 


BRIEFS 


NEC  Victim  of  Piracy 
Ring;  Probe  Ongoing 

NEC  Corp.  acknowledged  today 
that  the  company  has  been  the 
victim  of  a  large-scale  piracy 
ring  that  sold  both  counterfeit 
NEC  goods  as  well  as  NEC- 
branded  products  that  the 
company  does  not  even  manu¬ 
facture.  An  NEC  spokesman 
said  that  the  company  is  still 
investigating  to  determine  where 
and  by  whom  the  counterfeit 
keyboards,  writeable  CDs  and 
DVDs,  and  MP3  players  were 
made  and  sold. 


Avocent  to  Buy 
LANDesk  for  $146M 

Avocent  Corp.,  a  maker  of  infra¬ 
structure  management  software, 
has  agreed  to  buy  LANDesk 
Group  Ltd.  for  $146  million. 
LANDesk,  a  maker  of  desktop 
management  products,  was  once 
part  of  Intel  Corp.,  which  spun 
it  off  into  a  separate  company  in 
2002.  The  LANDesk  acquisition 
follows  Avocent’s  purchase  of 
Cyclades  Corp.  earlier  this  year. 
Cyclades  specializes  in  Linux- 
based  management  tools. 


Microsoft  Purchase  to 
Boost  Asset  Tracking 

Microsoft  Corp.  has  acquired 
AssetMetrix  Corp.,  a  small 
Ottawa-based  provider  of  Web- 
based  asset  management  servic¬ 
es.  Officials  said  AssetMetrix’s 
technology  will  help  improve 
the  asset-tracking  capabilities 
in  Microsoft’s  System  Center 
family  of  management  applica¬ 
tions.  Financial  terms  of  the  deal 
weren’t  disclosed. 


NEC  Merges  North 
American  Divisions 

NEC  plans  to  merge  three  North 
American  units  -  NEC  America 
Inc.,  NEC  Solutions  (America) 

Inc.  and  NEC  USA  Inc.  -  into  a 
single  company.  The  merged 
company,  to  be  called  NEC 
Corporation  of  America,  will  be 
headquartered  in  Irving,  Texas. 
The  merger  will  close  on  July  1. 
The  new  company  will  focus  on  IT 
and  network  systems,  according 
to  NEC. 
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World  Users  Push  for  Additional 
Training,  Upgrades  From  Oracle 


Hope  company’s  extension  of  support 
is  a  harbinger  of  more  improvements 


BY  MARC  L.  SONGINI 

NASHVILLE 

WORLD  ERP  users 
last  week  said 
they  hope  that 
Oracle  Corp.’s 
promise  to  support  the  soft¬ 
ware  indefinitely  will  also 
mean  improvements  to  the 
vendor’s  technical  assistance 
programs  and  a  clear  upgrade 
process. 

Users  of  the  former  J.D. 
Edwards  software  noted  that 
Oracle’s  commitment  to  World, 
announced  late  last  month, 
comes  after  years  of  uncer¬ 
tainty  about  the  product’s 
future. 

Despite  the  resurgent 
support  for  the  World  green- 
screen  applications,  users  at 
last  week’s  Collaborate  2006 
Oracle  user  conference  here 
said  there  are  still  problems 
that  need  to  be  fixed. 

For  instance,  at  a  time  when 
World  training  is  vital  for  us¬ 
ers,  Oracle  has  been  “behind 
the  curve”  in  providing  such 
programs,  said  conference 
attendee  Gary  Riley,  a  sys¬ 
tems  analyst  at  Matanuska 
Telephone  Association  Inc.  in 
Palmer,  Alaska. 
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Riley  said  that  as  veteran 
World  users  leave  companies, 
such  training  programs  are 
needed  to  prepare  the  next 
generation  of  IT  staffers. 

Riley  is  a  member  of  Col¬ 
laborate  co-sponsor  Quest 
International  Users  Group, 
which  includes  users  of  Ora¬ 
cle’s  World  and  its  follow-on 
OneWorld  and  OneWorld  XE 
ERP  applications.  All  of  the 
products  were  developed  by 
J.D.  Edwards,  which  is  now 
owned  by  Oracle. 

A  Matter  of  Timing 

Some  attendees  at  the  confer¬ 
ence  also  noted  that  Oracle’s 
decision  to  extend  World  sup¬ 
port  beyond  the  previous  2013 
termination  date  comes  too 
late  to  help  many  longtime 
customers. 

J.D.  Edwards’  lack  of  support 
for  the  line  in  recent  years, 
which  was  not  addressed  until 
it  was  acquired  by  PeopleSoft 
Inc.  and  then  by  Oracle,  along 
with  a  lack  of  upgrades,  led 
many  sites  to  replace  the  soft¬ 
ware,  users  said. 

For  example,  the  IT  staff 
at  Benderson  Development 
Corp.,  a  Buffalo,  N.Y.-based 


real  estate  firm,  is  preparing  to 
replace  World  with  Enterprise- 
One,  said  Dave  Hyzy,  director 
of  IT  at  the  company. 

World  has  served  Benderson 
well,  Hyzy  said  at  the  confer¬ 
ence,  but  real  estate  industry- 
specific  upgrades  have  been 
lacking. 

Hyzy  said  Benderson  de¬ 
cided  to  replace  World  rather 
than  have  its  internal  devel¬ 
opment  team  customize  the 
software. 

Elizabeth  Goins,  systems 
analyst  for  the  Manatee 
County  School  District  in 
Florida,  noted  that  many  of  the 
problems  with  World  began 
long  before  Oracle  acquired 
the  product. 

Goins,  who  is  also  director 
of  World  advocacy  at  Quest, 
said  that  many  customers 
stopped  participating  in  user 
group  activities  as  support  for 
the  product  languished  while 
it  was  owned  by  J.D.  Edwards. 
Therefore,  many  users  lost 
the  ability  to  communicate  di¬ 
rectly  with  Oracle  developers 
and  managers  through  Quest’s 
channels. 

Since  Oracle’s  acquisition  of 
PeopleSoft,  she  noted,  the  lack 
of  communication  has  caused 
confusion  among  some  World 
users  about  Oracle’s  plans  for 
the  applications. 


Oracle  Vows  Unlimited  Support  for  Acquired  Apps 


NASHVILLE 

ORACLE  last  week  assured  its 
installed  base  that  there  will  be  no 
forced  marches  to  Fusion,  its  next- 
generation  set  of  applications. 

At  Oracle’s  Collaborate  2006 
user  conference  here  last  week, 
the  company  announced  that  it  will 
indefinitely  support  and  upgrade  the 
products  it  gained  through  its  ac¬ 
quisitions  of  PeopleSoft  and  Siebel 
Systems,  as  well  as  its  own  line  of 
applications. 

Oracle  had  previously  commit¬ 
ted  to  support  the  products  only 
through  2013. 


Jesper  Andersen.  Oracle's  senior 
vice  president  of  application  strat¬ 
egy,  said  the  move  was  made  to 
ease  the  fears  of  users  of  the  older 
products.  “We  have  30,000  cus¬ 
tomers  and  need  to  make  sure  we 
treat  them  well  [so]  they’ll  stay  with 
Oracle  a  long  time,”  he  said. 

Pat  Dues,  president  of  the  inde¬ 
pendent  Oracle  Applications  Users 
Group,  said  the  Atlanta-based  orga¬ 
nization  plans  to  poll  its  members 
to  get  a  collective  judgment  of  the 
announcement.  The  0AUG  was  a 
co-sponsor  of  the  Collaborate  event. 

Speaking  tor  herself,  Dues  said 


Oracle’s  move  does  make  sense 
because  it  relieves  customers  from 
any  pressure  of  a  forced  migration 
to  Fusion.  Some  companies  had 
concerns  about  the  cost  of  moving 
to  Fusion,  she  noted. 

Dues,  also  project  manager  for 
the  city  of  Las  Vegas  and  a  user  of 
the  Oracle  E-Business  Suite,  said 
her  operation  is  interested  in  mov¬ 
ing  to  Fusion  and  its  next-generation 
technology.  “We’re  anticipating  by 
bringing  these  applications  together, 
well  get  the  best  of  PeopleSoft  and 
Siebel,”  she  said. 

-  MARC  L.  SONGINI 


COLLABORATE  2006 

Oracle 

Announcements 

®  Indefinite  support  and 
upgrades  for  Siebel,  People- 
Soft  Enterprise  and  Enterprise- 
One,  J.D.  Edwards  World,  and 
Oracle  E-Business  Suite 
applications 

®  Plans  to  integrate  Siebel 
7.8  with  Oracle  Fusion  middle- 


0  Plans  for  1,000  world¬ 
wide  events  to  break  down 
Oracle’s  strategy 


In  addition,  a  number  of 
World  users  said  they  don’t 
know  what  will  be  in  the  next 
iteration  of  the  product,  Ver¬ 
sion  A9.1,  or  exactly  when  it 
will  ship.  A  couple  of  custom¬ 
ers  at  the  conference  said  they 
were  unsure  of  what  educa¬ 
tional  and  training  resources 
were  available  from  Oracle. 

With  Oracle’s  renewed  com¬ 
mitment  to  the  product,  Goins 
said  the  user  group  and  Oracle 
will  more  aggressively  reach 
out  to  World  users  through 
Quest’s  Web  site  and  by  con¬ 
ducting  surveys  on  user  needs. 

John  Schiff,  vice  president 
and  general  manager  of  the 
World  product  line  at  Oracle, 
said  the  company  is  indeed 
working  to  improve  commu¬ 
nication  with  World  custom¬ 
ers.  Oracle  is  also  beefing  up 
World  technical  and  training 
resources  for  users,  he  added. 

Schiff  also  noted  that  Oracle 
has  created  a  World-specific 
blog  for  users  and  online  train¬ 
ing  programs.  In  addition, 
company  executives  have  been 
attending  regional  user  group 
meetings. 

“We  can  never  do  enough 
with  communication,”  Schiff 
said.  “But  it’s  a  two-way  street. 
We’ve  got  to  share  information 
through  the  staff  with  users. 
And  we  need  them  to  also  par¬ 
ticipate,  to  listen  and  respond 
and  give  us  feedback.” » 
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Access  your  business-critical  information 
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around  the  world. 
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Protesters  Aim  to  Foil 
U.K.’s  ID  Card  Plans 

LONDON 

CONSUMER  GROUP  in  the  U.K.  is 
urging  residents  to  renew  their 
passports  this  month  in  order  to 
avoid  being  listed  in  a  national  identity 
registry  for  the  next  10  years. 

The  London-based  group,  called 
No2ID,  is  campaigning  against  the 
planned  adoption  of  national  ID  cards 
because  of  concerns  that  the  security 
of  personal  data  could  be  put  at  risk  in 
the  ID  card  system. 

Under  the  Identity  Cards  Act,  which 
was  approved  by  Parliament  this  year, 
the  passport  application  and  renewal 
process  will  be  used  to  collect  bio¬ 
metric  data  and  other 
information  that  will  be 
stored  on  cards  and  in  the 
national  registry. 

Phil  Booth,  national  co¬ 
ordinator  for  No2ID,  said 
that  since  the  registry 
hasn’t  been  set  up  yet,  re¬ 
newing  now  would  allow 
citizens  to  avoid  being 
included  in  the  registry’s 
database  for  the  10  years 
their  passports  will  be 
valid. 


No  date  has  been  set  for  starting 
to  collect  data  for  the  ID  cards,  said 
a  spokeswoman  for  the  U.K.  govern¬ 
ment’s  Home  Office.  Use  of  the  identity 
registry  is  scheduled  to  begin  in  2008, 
she  added. 

■  NANCY  G0HRIN6,  IDG  NEWS  SERVICE 

U.S.  Firm  Buys  Stake 
In  Deutsche  Telekom 

BONN 

Tihe  blackstone  group,  a  New 
York-based  private  equity  firm,  has 
agreed  to  pay  about  €2.7  billion 
($3.3  billion  U.S.)  to  buy  a  4.5%  stake 
in  Deutsche  Telekom  AG  from  KfW 
Bankengruppe,  a  bank  that’s  owned 
jointly  by  Germany’s  federal  and  state 
governments. 

Frankfurt-based  KfW’s 
ownership  stake  in 
Deutsche  Telekom  will 
shrink  to  17.3%  once  the 
sale  closes.  But  the  bank 
will  continue  to  be  the 
Bonn-based  telecommuni¬ 
cations  company’s  largest 
shareholder;  the  German 
government  holds  a  sepa¬ 
rate  15.2%  share. 

The  addition  of  Black- 
stone  as  an  investor 


GLOBAL  FACT 


The  projected  size 
Of  the  market  for  IT 
outsourcing  services  in 
Europe,  the  Middle  East 
and  Africa  in  2009. 


comes  as  Deutsche  Telekom  CEO 
Kai-Uwe  Ricke  is  moving  to  cut  operat¬ 
ing  costs  by  reducing  the  company’s 
workforce.  At  the  same  time,  the  com¬ 
pany  plans  to  spend  €3  billion  ($3.7 
billion  U.S.)  to  build  a  high-speed  fiber¬ 
optic  network  that  will  operate  in  50 
German  cities. 

■  JOHN  BLAU,  IDG  NEWS  SERVICE 

Survey  Shows  Rise  in 
Cost  of  U.K.  Breaches 

LONDON 

The  overall  cost  of  security 

breaches  at  large  U.K.  companies 
rose  by  about  50%  between  2004 
and  2005,  according  to  a  study  that  was 
commissioned  by  the  U.K.  government 
and  released  last  week  at  the  Infosecu- 
rity  Europe  2006  conference  here. 

However,  the  biannual  survey  of 
1,000  companies  of  varying  sizes  also 
found  that  the  number  of  breaches 
reported  by  large  businesses  in  the 
U.K.  dropped  by  about  half  from  year 
to  year  because  of  increased  security 
budgets. 

Overall,  the  percentage  of  companies 
that  reported  having  security  incidents 
dropped  from  74%  to  64%.  “That’s 
good  news,”  said  Alun  Michael,  the 
U.K.’s  minister  of  state  for  industry  and 
regional  economies.  “But  it’s  no  cause 
for  complacency.” 

■  JEREMY  KIRK,  IDG  NEWS  SERVICE 


Compiled  by  Mike  Bucken. 


Briefly  Noted 

Intel  Corp.  has  opened  a  research 
and  development  center  for  multi¬ 
core  processors  at  its  lab  in  Braun¬ 
schweig,  Germany.  The  chip  maker 
had  said  last  year  that  it  would  shift 
the  Braunschweig  facility’s  focus 
from  designing  chips  for  optical 
networks  to  developing  “many-core” 
processors  and  related  software. 

■  JOHN  BLAU,  IDG  NEWS  SERVICE 


Microsoft  Corp.  has  agreed  to 
spend  $900  million  over  the  next 
five  years  to  promote  the  growth 
of  the  IT  industry  in  China,  accord¬ 
ing  to  a  statement  released  by  the 
company  and  China’s  National  De¬ 
velopment  and  Reform  Committee. 
Microsoft  plans  to  buy  $700  million 
worth  of  hardware  from  Chinese 
vendors  and  invest  $200  million  in 
Chinese  software  vendors. 

■  ELIZABETH  M0NIALBAN0, 

IDG  NEWS  SERVICE 


Malmtt  Aviation,  an  airline  in  Malmb, 
Sweden,  has  awarded  a  five-year  IT 
operations  management  contract 
worth  24  million  Swedish  crowns 
($3.2  million  U.S.)  to  Unisys  Corp. 
Under  the  deal,  Unisys  will  manage 
the  airline’s  business  applications 
and  help  desk  and  provide  on-site 
technical  support.  MalmO  Aviation’s 
servers  will  be  moved  to  a  Unisys 
facility  in  Alingscis,  Sweden. 


Vendors  Promise  Network,  Storage  Management  Links 


BY  SHARON  FISHER 

Users  last  week  had  mixed 
views  of  growing  vendor 
efforts  to  create  products  that 
can  merge  network  and  stor¬ 
age  management  functions. 

“It’s  a  logical  evolution,” 
said  Bill  Mahoney,  a  network 
architect  for  the  U.S.  Air  Force 
at  Hanscom  Air  Force  Base 
in  Bedford,  Mass.,  during  the 
EMC  World  user  conference  in 
Boston  last  week. 

On  the  other  hand,  “I  don’t 
see  the  natural  fit  to  bring  that 
all  under  one  umbrella,”  said 
John  Hegner,  vice  president  of 
technology  services  at  Liberty 
Medical  Supply  Inc.,  a  user  of 
EMC  Corp.  storage  products 
in  Port  Saint  Lucie,  Fla. 

“We  have  separate  tools  to 
manage  our  network  and  to 
manage  our  storage.  I  think 
the  skill  set  and  the  tools  to 


manage  each  product  are  dif¬ 
ferent,  and  I  don’t  see  the  big 
value  of  bringing  them  togeth¬ 
er,”  Hegner  said. 

Liberty  Medical  uses  EMC’s 
Navisphere  storage  manage¬ 
ment  software  and  EPICenter 
network  management  prod¬ 
ucts  from  Extreme  Networks 
Inc.  in  Santa  Clara,  Calif. 

Meanwhile,  several  big  stor¬ 
age  vendors  have  disclosed 
plans  to  offer  integrated  stor¬ 
age  and  network  management 
tools  over  the  next  year  or  two. 

For  example,  Hopkinton, 
Mass.-based  EMC  announced 
plans  at  its  user  conference 
to  integrate  over  the  next  18 
months  its  ControlCenter  stor¬ 
age  management  functionality 
with  the  Smarts  network  man¬ 
agement  product  family,  which 
EMC  acquired  in  2004. 

Hewlett-Packard  Co.  plans 


to  incorporate  over  the  next 
six  to  12  months  storage  man¬ 
agement  technology  gained 
with  last  October’s  acquisition 
of  AppIQ_Inc.  into  its  Open- 
View  network  management 
products,  said  Ash  Ashutosh, 
chief  technical  officer  of  stor¬ 
age  management  software 
at  the  firm’s  StorageWorks 
division. 

HP’s  storage  management 
software  already  works  with 
network  management  soft¬ 
ware  from  competitors  such  as 

«  I  don’t  see  the 
natural  fit  to 
bring  that  all  under 
one  umbrella. 


JOHN  HEGNER,  VICE  PRESIDENT 
OF  TECHNOLOGY  SERVICES. 
LIBERTY  MEDICAL  SUPPLY  INC. 


BMC  Software  Inc.  and  IBM. 

IBM  and  network  manage¬ 
ment  tool  makers  BMC,  CA 
Inc.,  Fujitsu  Ltd.  and  HP  Soft¬ 
ware  Inc.  agreed  to  jointly 
develop  an  industry  standard 
for  configuration  management 
databases  to  ease  the  integra¬ 
tion  of  storage  and  network 
management  systems,  said 
Kristof  Kloeckner,  vice  presi¬ 
dent  of  development  for  IBM’s 
Tivoli  unit. 

And  Sun  Microsystems  Inc. 
this  week  will  unveil  several 
products  that  will  bring  it 
closer  to  offering  combined 
storage  and  network  manage¬ 
ment  capabilities,  said  James 
Whitemore,  vice  president 
and  chief  marketing  officer  for 
Sun’s  data  management  group. 

Jed  Dobson,  systems  archi¬ 
tect  at  Hanover,  N.H.-based 
Dartmouth  College,  which 
uses  Sun  storage  systems,  sug¬ 
gested  that  the  integration  of 


storage  and  network  manage¬ 
ment  products  may  be  just  a 
ploy  by  vendors  to  maintain 
control  of  data  centers. 

“Maybe  they  just  don’t  want 
to  give  up  control  of  the  man¬ 
agement  platform,”  Dobson 
said. 

“There’s  two  ends  that  mat¬ 
ter,  and  that’s  the  user  and  the 
data,”  said  Steve  Duplessie,  an 
analyst  at  Enterprise  Strategy 
Group  Inc.  in  Milford,  Mass. 
“Data  sits  on  storage  and  tra¬ 
verses  networks  to  get  to  a 
user,  where  it  becomes  useful. 
Having  those  things  inte¬ 
grated  makes  intuitive  sense, 
whether  you  pick  Smarts  or 
OpenView  or  Sun.” 

Duplessie  acknowledged 
that  users  looking  at  the  trend 
from  a  day-to-day  tactical 
perspective  might  be  less 
interested  in  it.  “If  something 
works,”  he  said,  “why  on  earth 
would  you  fix  it?”  > 
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CA 


much  of  the  blame  on  the  way 
it  is  accounting  for  revenue 
from  recent  acquisitions,  it 
also  pointed  to  “a  slow  book¬ 
ings  start”  during  the  quarter. 

John  Swainson,  CA’s  presi¬ 
dent  and  CEO,  said  he  is  confi¬ 
dent  that  the  company  is  on  the 
right  track  and  that  the  chang¬ 
es  made  internally  since  he  was 
hired  in  November  2004  will 
have  “a  beneficial  impact”  in 
the  fiscal  year  that  started  this 
month.  A  full  turnaround  won’t 
happen  overnight,  though 

—  Swainson  said  last  fall  that 
it  would  likely  take  until  2008 
to  complete  his  planned  make¬ 
over  of  CA. 

Dale  Ross,  a  senior  database 
consultant  at  Polaris  Tech¬ 
nologies  Ltd.  in  Calgary,  Al¬ 
berta,  is  a  longtime  user  of  CA 
products.  He  said  CA  is  taking 
the  right  steps  on  ethics  issues 
in  the  wake  of  the  accounting 
scandal.  But  he  added  that  the 
company’s  ability  to  improve 
its  financial  performance  and 
continue  to  develop  useful 
technologies  is  still  unproven. 

“The  proof  is  in  the  pud¬ 
ding,”  Ross  said.  “We  hear  the 
CA  brass  making  the  right 
comments.  But  the  question  is 
whether  they  follow  through.” 

To  Ross,  Kumar’s  guilty  plea 
was  a  positive  step  toward 
encouraging  appropriate  be¬ 
havior  by  corporate  executives 
in  general.  “Once  you  see  guys 
like  Sanjay  led  away  in  hand¬ 
cuffs,  maybe  it  will  put  the  fear 
of  God  in  others,”  he  said. 

Kumar  and  co-defendant 
Stephen  Richards,  a  former 
head  of  worldwide  sales  at  CA, 
both  pleaded  guilty  to  all  eight 
of  the  counts  that  they  were 
indicted  on  two  years  ago.  “I 
know  my  conduct  was  wrong. 
...  1  apologize  for  my  actions,” 
Kumar  said  at  a  hearing  in 
federal  court  in  Brooklyn,  N.Y., 
according  to  a  Reuters  report. 

The  two  executives  admit¬ 
ted  that  prior  to  and  during 
CA’s  2000  fiscal  year,  they 
orchestrated  an  accounting 
scheme  under  which  the  com¬ 
pany  —  then  called  Computer 
Associates  International  Inc. 

—  falsely  reported  hundreds  of 


CA  Expects  Small  Q4  Profit  at  Best 


CA  SAID  last  week  that  it  may  just 
break  even  in  its  fourth  quarter  be¬ 
cause  of  the  lower-than-expected 
revenue  it  will  report. 

The  company  announced  pre¬ 
liminary  results  for  the  quarter  that 
ended  March  31,  saying  that  it  now 
expects  to  report  a  small  profit  at 
best.  Total  revenue  will  be  between 
$940  million  and  $950  million, 
down  from  an  earlier  projection  of 
$975  million  to  $1  billion,  CA  said. 

“Our  results  for  the  quarter  were 
not  in  line  with  our  expectations,” 
John  Swainson,  CA's  president  and 
CEO,  said  in  a  statement.  He  noted, 
though,  that  the  software  vendor 
is  “undergoing  a  transformation 
-  of  our  products,  our  people,  our 
processes,  our  relationships  with 
customers,  our  go-to-market 


strategy  and  much  more." 

According  to  CA,  “a  significant 
portion”  of  the  revenue  shortfall  will 
be  made  up  in  future  quarters.  The 
company  said  it  had  to  defer  the 
reporting  of  sales  made  by  recently 
acquired  vendors  after  switching 
them  to  its  subscription-based 
accounting  model,  under  which 
revenue  is  recognized  on  a  monthly 
basis  over  the  life  of  a  contract. 

Fourth-quarter  profits  were 
also  affected  by  increased  sales 
expenses,  primarily  involving 
commissions,  the  company  said. 

It  added  that  those  expense 
increases  will  be  partially  offset  by 
reductions  in  variable  compensa¬ 
tion  programs,  including  manage¬ 
ment  bonuses. 

-  CRAIG  STEDMAN 


millions  of  dollars  in  revenue 
during  quarters  in  which  the 
deals  that  generated  those  rev¬ 
enues  had  not  been  finalized. 

For  example,  the  indictment 
charged  that  Kumar  was  flown 
to  Paris  on  CA’s  corporate  jet 
in  early  July  of  1999  to  nego¬ 
tiate  and  sign  a  $32  million 
software  licensing  agreement 
with  a  customer.  The  deal 
was  backdated  to  June  30,  and 
about  $19  million  in  revenue 
was  improperly  recognized 
in  the  quarter  that  ended  that 
day,  prosecutors  said. 

The  goal  of  the  accounting 
scheme  was  to  ensure  that  CA 
would  meet  or  exceed  its  rev¬ 
enue  and  earnings  projections 
in  each  quarter,  they  added. 

The  guilty  plea  “is  unfor¬ 


tunate  for  Sanjay  and  CA,  but 
it’s  another  example  of  the 
pressures  from  Wall  Street 
on  public  companies  to  make 
their  numbers  each  quarter,” 
said  Steve  Rummel,  vice  presi¬ 
dent  of  data  services  at  Maher 
Terminals  Inc.,  a  container 
terminal  operator  in  Berkeley 
Heights,  N.J.,  and  a  former  CA 
customer.  “CA  will  survive,  but 
it’s  definitely  a  black  eye  for  the 
corporation,”  Rummel  said. 

After  the  guilty  pleas,  CA 
issued  a  statement  saying  that 
it  is  “a  dramatically  different 
organization  than  we  were 
two  years  ago.”  In  addition  to 
focusing  on  a  growth  strategy, 
Swainson  and  his  management 
team  have  set  up  an  organiza¬ 
tional  structure  “that  promotes 
integrity,  compliance  and  good 
governance,”  CA  said. 

Rich  Ptak,  an  analyst  at  Ptak, 
Noel  &  Associates  in  Amherst, 
N.H.,  said  Swainson  has  fur¬ 
thered  Kumar’s  efforts  to  im¬ 
prove  customer  relationships 
and  change  the  widely  held 
view  that  CA  wasn’t  friendly 
toward  its  users.  “That  old  im¬ 
age  of  CA  seems  to  be  in  the 
past,”  Ptak  said. 

Kumar  and  Richards  are 
scheduled  to  be  sentenced  on 
Sept.  12.  Both  men  could  face 


up  to  20  years  in  jail,  but  the 
maximum  sentence  will  likely 
be  reduced  because  of  their 
guilty  pleas,  said  a  spokesman 
for  the  U.S.  Attorney’s  Of¬ 
fice  for  the  Eastern  District  of 
New  York. 

CA,  meanwhile,  is  still  sub¬ 
ject  to  a  deferred  prosecution 
deal.  Under  that  deal,  it  agreed 
to  pay  $225  million  into  a  fund 


for  compensating  victims  of 
its  fraudulent  activities  and 
take  various  steps  to  strength¬ 
en  its  corporate  governance 
procedures.  If  CA  is  deemed 
to  have  complied  with  its 
obligations  after  an  18-month 
period  that  ends  in  September, 
the  U.S.  attorney  will  seek 
to  dismiss  all  fraud  charges 
against  the  company.  ► 


Continued  from  page  1 

Health  Czar 

departure  nonetheless  could 
speed  the  move  toward  a  na¬ 
tional  health  information  net¬ 
work,  prompting  a  shift  from 
planning  to  action. 

Brailer  did  a  “spectacular 
job”  of  building  awareness 
among  Congress  and  the  pub¬ 
lic  regarding  how  much  work 
is  needed  to  create  an  EMR 
network,  Wade  said.  “He’s  the 
one  who  had  to  be  the  stan¬ 
dards  advocate  while  at  the 
same  time  navigating  the  po¬ 
litical  issues  to  gain  and  sus¬ 
tain  momentum,”  Wade  said. 

Mark  Frisse,  a  professor  of 
biomedical  informatics  at  Van¬ 
derbilt  University  in  Nashville, 
said  Brailer  brought  a  human 
face  to  what  were  intangible 
issues.  Through  that  effort,  he 
said,  “the  health  care  IT  horse 
is  out  of  the  barn,  and  suf¬ 


ficient  consensus  exists  that 
rapid  acceleration  is  possible.” 

Frisse,  who  is  working  to 
develop  a  regional  health 
information  organization  in 
Tennessee,  suggested  that  the 
next  coordinator  work  to  foster 
stronger  collaboration  among 
federal  agencies.  “People  want 
a  coherent  view  of  the  federal 
government  and  a  sense  that 


agencies  are  working  together,” 
he  said.  “States  are  going  to 
be  critical  in  the  next  stage  of 
evolution,  and  collaboration  on 
state  initiatives  is  important.” 

Frisse  also  said  the  new 
leader  must  continue  Brailer’s 
work  on  building  a  national 
health  information  network 
and  on  creating  EMR  technol¬ 
ogy  standards. 


David  Brailer 


FIRST  NATIONAL  COORDINATOR  FOR  HEALTH  IT 

■  Established  the  American  Health  Information  Com¬ 
munity  -  a  17-member  panel  representing  large  employers, 
technology  companies  and  government  officials  -  to  foster 
the  adoption  of  health  IT  nationwide. 

■  Awarded  contracts  totaling  $18.6  million  to  four  consortiums  to  de¬ 
velop  prototypes  for  a  national  infrastructure  to  support  electronic  health  records. 

■■yr.;  / 

■  Started  programs  to  reduce  barriers  to  privacy,  security  and  in¬ 
teroperability  that  hinder  widespread  use  of  health  IT. 

■  Announced  a  plan  to  start  projects  in  biosurveillance,  electronic  health 
records,  chronic  care  management  and  consumer  empowerment. 


J.  David  Liss,  vice  president 
of  government  relations  and 
strategic  initiatives  at  New 
York-Presbyterian  Healthcare 
System  in  New  York,  said  the 
new  coordinator  should  have 
experience  in  a  large-scale 
health  care  environment  and 
credibility  with  the  informat¬ 
ics  community. 

Brailer’s  successor  must  also 
ensure  that  the  effort  doesn’t 
focus  on  the  use  of  metrics 
to  grade  physicians’  work  or 
involve  calculating  payments 
based  on  such  a  grade,  Liss  said. 
The  coordinator  should  instead 
work  to  streamline  the  health 
record  process,  he  noted. 

“Clinicians  may  view  health 
IT  more  negatively  if  they  per¬ 
ceive  the  technology’s  main 
function  as  aggregating  and 
reporting  data  from  their  prac¬ 
tices,”  he  said.  “This  does  not 
make  the  doctor’s  work  easier; 
it  merely  supports  another 
regulatory  burden.” » 


Let  Internet  Security  Systems  stop 

network  threats  before  they  impact  your  business 
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How  do  you  ensure  compliance  and  manage  costs  when  your  security  is  less  than  certain?  Even  "zero-day"  solutions  aren't  fast  enough  to 
protect  against  losses  once  an  Internet  attack  hits.  The  alternative  is  preemptive  security  from  Internet  Security  Systems.  Because  our  enterprise 
solutions  are  based  on  the  world's  most  advanced  vulnerability  research,  only  ISS  can  can  offer  preemptive  security  and  stop  threats  before  they 
impact  your  business.  So  why  rely  on  "reaction"  when  security  can  be  a  sure  thing? 


Need  proof?  Get  a  free  whitepaper,  Preemptive  Security:  Changing  the  Rules ,  at  www.iss.net/proof  or  call  800-776-2362. 


Q  INTERNET  |  SECURITY  |  SYSTEMS* 

Ahead  of  the  threat 


NETWORK  &  HOST  INTRUSION  PREVENTION 

©2008  Internet  Security  Systems  Incorporated.  All  rights  reserved  worldwide. 


MANAGED  SECURITY  SERVICES 


VULNERABILITY  MANAGEMENT 


fa  "  ■  -  . 


'--44' ' 

5-t  ■>’''*■•  2  " 


v#f  W:  ■■  '-:4f  > 

%  V  fdfr'  | 

'  .&> 

'  ■  >  . 

-..  uk 

'  • 


‘Sr 

. 

rr***s2 

■;'W 

% 

?#■ 

4 

• 

'  *■ 

■+*  '  felt*  "%• , 

■  ,- 


I've  decided  to  change  the  rules.  From  now  on,  threats  will  be  afraid  of  me 

Dynamic  Networking  from  AT&T  analyzes  real-time  traffic  over  the  AT&T  network  to 
predict  security  threats  before  they  become  security  breaches.  With  firewalls  and 
intrusion  protection,  the  AT&T  network  provides  Anthony  with  a  front  line  of  defense 
and  the  confidence  to  take  his  network  wherever  he  needs.  With  real-time  reporting 
of  security  issues,  potential  threats  are  on  Anthony's  radar,  but  not  on  his  network. 
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Hyperion  CEO  Stresses 
Conservative  Growth  Goals 


Sullivan  offers  views  on  corporate  governance, 
global  software  development,  H-1B  visa  law 


BY  DON  TENNANT 

LAS  VEGAS 

Godfrey  Sullivan  is  approaching  his  two- 
year  anniversary  as  CEO  of  Hyperion 
Solutions  Corp.  following  a  three-year 
stint  as  the  company’s  president 
and  chief  operating  officer.  In  an 
interview  with  Computerworld 
during  Hyperion’s  Solutions  2006 
user  and  partner  conference  here 
last  week,  Sullivan  talked  about  a 
range  of  issues,  including  his  take 
on  corporate  governance  and  the 
H-1B  visa  controversy. 

When  you  took  over  as  CEO,  Hyper¬ 
ion  separated  that  position  from  the 
chairman’s  post,  which  your  predecessor, 
Jeffrey  Rodek,  said  is  a  preferable  gov¬ 
ernance  model.  How’s  it  working?  More 
and  more  companies  are  starting  to 
separate  the  chairman  and  CEO  roles. 
From  a  governance  standpoint,  it’s  a 
pretty  good  separation.  It  lessens  the 
chance  for  the  CEO  to  have  the  board 
in  his  pocket. 

From  a  governance  perspective,  what’s 


BY  TODD  R.  WEISS 

NEW  YORK 

Open-source  software  is  everywhere. 
But  how  does  a  large  company  —  from 
its  executive  team  down  to  its  IT  staff 
—  figure  out  which  open-source  appli¬ 
cations  are  right  for  its  users  and  won’t 
endanger  the  core  business? 

The  Business  Readiness  Rating 
(BRR)  open-source  group  says  a  little 
corporate  social  networking  can  pro¬ 
vide  information  to  help  large  compa¬ 
nies  start  such  projects. 

OpenBRR.org  was  established  last 
August  by  the  Carnegie  Mellon  West 
Center  for  Open  Source  Investigation, 
O’Reilly  Media  Inc.,  SpikeSource  Inc. 
and  Intel  Corp.  to  create  a  standard 
model  for  rating  the  readiness  of  open- 
source  software  for  corporate  projects. 
During  the  Linux/Open  Source  on 


your  assessment  of  former  CA  Chairman 
and  CEO  Sanjay  Kumar’s  decision  to  plead 
guilty  to  the  financial  fraud  charges  he 
had  been  facing?  I  haven’t  followed  that 
case  so  closely,  but  I’ll  tell  you  that  the 
interchange  I  have  with  our  au¬ 
ditors  is  quite  simple.  I  believe 
that  if  you  set  conservative  guid¬ 
ance  and  you  follow  that,  you’ll 
keep  people  inbounds.  When 
you  set  growth  targets  that  are 
too  aggressive  for  your  business, 
you  force  people  out  onto  the 
ethical  edge.  The  No.  1  thing  a 
CEO  can  do  to  maintain  ethical 
guardrails  is  to  set  conservative 
guidance  and  exceed  it. 

What  is  Hyperion  doing  in  terms  of  global 
software  development?  We  have  about 
100  people  in  Minsk  that  came  to  us 
through  the  Brio  acquisition;  we  have 
big  development  centers  in  [Connecti¬ 
cut]  and  California,  and  we  have  anoth¬ 
er  in  Bangalore.  For  about  two  years 
now,  we’ve  done  follow-the-sun  pro¬ 
gramming.  It  has  absolutely  changed 
the  way  we  build. 


Wall  Street  Show  &  Conference  here 
last  week,  the  group  unveiled  plans  to 
create  a  corporate  online  community 
for  IT  staffers  from  about  40  compa¬ 
nies  to  discuss  open-source  issues. 

The  idea,  said  Murugan  Pal,  co¬ 
founder  of  BRR  and  founder  and  chief 
technology  officer  of  SpikeSource  in 
Redwood  City,  Calif.,  is  to  provide  IT 
managers  with  information  that  can 
help  them  start  open-source  projects. 

The  BRR  group  plans  to  hold 
invitation-only  forums  within  its  on¬ 
line  community  that  can  be  closely 
guarded  to  maintain  security  and 
confidentiality,  Pal  said. 

There  are  already  code  collaboration 
initiatives  for  developers  in  the  open- 
source  community,  he  acknowledged, 
but  “this  is  information  collaboration 
for  enterprises.” 


What’s  your  position  on  the  H-1B  visa  is¬ 
sue?  It’s  hard  to  separate  H-1B  from  the 
geopolitical  issues.  From  a  geopolitical 
standpoint,  we’re  cutting  off  our  nose 
to  spite  our  face  in  terms  of  having 
security  constraints  around  students 
who  want  to  come  study  here.  From 
an  H-1B  standpoint,  we  can  always  use 
more  technical  talent.  We  ought  to  be 
letting  more  H-lBs  through. 

What’s  your  response  to  unemployed  U.S. 

IT  professionals  who  feel  that  H-1B  workers 
are  stealing  U.S.  jobs?  There’s  no  simple 
answer.  It’s  hard  to  connect  the  dots 
between  the  high  demand  for  great 
technical  people  and  the  unemployed 
IT  professionals.  It’s  a  complete  mys¬ 
tery  to  me. 

Can  you  comment  on  reports  that  Hyperion 
has  had  cash-flow  issues  stemming  from 
problems  with  a  new  Oracle  billing  system? 

That’s  true.  We  implemented  a  new 
billing  system  [during  the  quarter  that 
ended  last  December],  We  did  not  do 
the  best  job  in  implementing  that  sys¬ 
tem  and  getting  ready  to  go  live  with 
it.  As  a  result,  we  didn’t  get  a  lot  of  our 
bills  out  on  time.  We  were  back  up  to 
normal  levels  of  cash  flow  [in  the  quar¬ 
ter  that  ended  in  March],  ► 


“We  have  been  talking  with  CIOs 
for  almost  four  years,”  Pal  said. 
“They’ve  been  saying  that  they  don’t 
have  places  to  get  information  on 
open-source.” 

“You’re  looking  for  that  level  of  in¬ 
formation  that  you  can  use  to  make  a 
valid  business  decision,”  said  George 
Pace,  a  systems  architect  at  Prudential 
Financial  Inc.  in  Newark,  N.J.  “It’s  like 
having  a  customer  reference  account 
for  open-source.” 

Adam  Braunstein,  an  analyst  at  Rob¬ 
ert  Frances  Group  Inc.  in  Westport, 
Conn.,  suggested  that  the  new  program 
may  be  more  germane  to  IT  profes¬ 
sionals  at  small  and  midsize  businesses. 
Most  large  companies  are  already  in¬ 
volved  in  some  open-source  projects, 
so  the  ground-level  questions  have 
been  answered,  Braunstein  said. 

Big  companies  are  “already  there,” 
he  said.  “It  would  be  more  useful  for 
[small  and  midsize  businesses]  because 
they’re  not  as  aware  of  all  this  stuff.”  > 


Open-source  Group  to  Create 
Online  Forum  for  Corporate  Users 


TyT  •  .  ■: . 

....  *  O'-  •  tOO 

•s'.  :  \  ‘  '  •  .'*•  •.  \ Tv  ;  :■  T’S 

•  ■  ’-S  y\  \ '!  ■ 

v  -V  .  V;;,;-  ;  TjUkG; 'V^», 


1 Y-G 

1  s 


■  .  .. 


■  *•*  ■'  T 

Dynamic 

J  ■  .  V  , 

Networking. 


Delivered. 


■  tr>; 


Dynamic  Networking  from 
AT&T  is  a  comprehensive 
approach  to  optimizing 
business  performance 
including  the  services  and 
intelligence  of  a  converged 
networking  environment. 


Converged  networ king 
delivers: 


High-performing 
business  applications  for 
greater  value,  efficiency 
and  productivity. 


Information  delivered 
faster  to  the  people 
who  need  it  —  decision 
makers,  sales,  customers 
and  suppliers  —  for 
increased  collaboration 
and  responsiveness. 


Improved  control  across 
all  activities  in  the 
organization  to  identify 
changing  circumstances 
and  adjust  network 
performance  in  response, 
n  . 

One  global  IP  network  *  ' 


that  reaches  127  countries 
for  flexible  growth. 


Learn  how  Dynamic 
Networking  can  enable 
your  enterprise  by 
downloading  the  white 
paper  series,  Convergence, 
A  Four  Point  Framework,  at 
att.com/networking. 
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DON  TENNANT 


Checks  and  Balances 


HEN  former  CA  Chairman  and 
CEO  Sanjay  Kumar  pleaded  guilty 
last  week  to  the  charges  of  finan¬ 
cial  fraud  and  other  offenses 
hanging  over  him,  a  lot  of  people 
were  surprised.  I  wasn’t  one  of  them. 

I  had  a  feeling  that  Kumar  would  eventually  plead 
guilty  to  the  charges,  despite  his  innocent  plea  in 
September  2004  following  his  indictment  by  a  federal 
grand  jury.  In  fact,  I  was  almost  certain  of  it. 


A  couple  of  weeks  after 
the  indictment,  I  wrote 
an  editorial  in  which  I 
reminded  readers  that 
Kumar  was  innocent.  My 
point  was  that  he  hadn’t 
been  found  guilty  of  any¬ 
thing,  which,  under  our 
legal  system,  means  inno¬ 
cence.  In  that  piece,  I  also 
recounted  an  anecdote 
about  his  mom  that  Ku¬ 
mar  had  shared  with  me  a 
couple  of  years  earlier.  It 
had  to  do  with  some  very 
wise  guidance  his  mom  had  given 
him  when  he  was  a  youth.  Referring 
to  that  anecdote,  I  made  this  com¬ 
ment  in  the  editorial: 

“I  have  a  hunch  that  his  mom  gave 
him  some  more  sage  advice  when  he 
was  a  kid:  If  you  goof  up,  acknowl¬ 
edge  it,  make  amends,  be  forgiven, 
and  move  on.  If  you  didn’t  goof  up, 
stand  up  for  yourself.” 

It  turns  out  that  comment  touched 
Kumar  pretty  deeply.  I  know,  be¬ 
cause  he  called  me  a  couple  of  days 
later  to  tell  me. 

“I  wanted  to  let  you  know  that  you 
were  dead  right  about  my  mother,”  he 
said.  “You  captured  her  essence  in 
that  article,  to  the  point  where  some¬ 
body  actually  shared  it  with  my  fa¬ 
ther.  This  moved  him  to  the  point 
where  he  called  me  last  night. ...  I 
really  appreciate  it,  because  you  re¬ 
ally  captured  what  she  was  all  about, 
and  what  she  passed  on  to  me,  in  a 
very,  very  eloquent  way.” 

It’s  also  worth  mentioning  that  Ku¬ 
mar  never  professed  his  innocence  to 


DON  TENNAMT  is  editor 
in  chief  of  Computerworld. 
Contact  him  at  don  Jennant® 
computerworid.com. 


me.  He  simply  thanked 
me  for  what  I  had  writ¬ 
ten  and  said  he  hoped 
we’d  have  a  chance  to  sit 
down  and  talk  about  it 
all  someday. 

So  no,  I  wasn’t  a  bit 
surprised  when  Kumar 
acknowledged  last  week 
that  he  had  messed  up.  In 
the  end,  he  did  what  his 
mom,  who  passed  away 
a  couple  of  years  ago, 
would  have  expected 
him  to  do. 

I’m  not  making  excuses  for  Kumar. 
What  he  did  was  wrong,  and  justice 
must  prevail.  But  it’s  important  to 
remember  that  decent  people  do 
stupid  things.  It  would  be  tragic  if 
the  miracle  Kumar  worked  at  CA 


—  transforming  it  from  the  most  in¬ 
tensely  feared  and  loathed  software 
company  on  the  planet  to  a  respected 
and  valued  business  partner  —  is  for¬ 
gotten  because  of  all  this.  Vilification, 
in  Kumar’s  case,  is  unwarranted. 

I  was  discussing  Kumar’s  guilty 
plea  last  week  with  Hyperion  CEO 
Godfrey  Sullivan,  who  shared  some 
interesting  insights  about  the  dilem¬ 
ma  people  face  when  expectations  of 
them  are  set  too  high. 

“When  you  set  growth  targets 
that  are  too  aggressive  for  your  busi¬ 
ness  . . .  you  really  force  people  out 
onto  the  ethical  edge,”  Sullivan  said. 
“They’ll  do  whatever  it  takes  to  close 
a  deal.” 

Perhaps  Kumar  had  set  his  own  bar 
too  high,  I  don’t  know.  I  do  know  that 
companies  need  a  firm  set  of  checks 
and  balances  in  place,  which  is  some¬ 
thing  Hyperion  considered  two  years 
ago  when  it  decided  that  the  roles  of 
chairman  and  CEO  should  be  held  by 
separate  individuals. 

Maybe  if  that  had  been  the  case  at 
CA  during  Kumar’s  tenure,  as  it  is 
now,  the  trauma  suffered  by  Kumar’s 
family  and  his  company  —  and  the 
wrongs  that  precipitated  it  —  could 
have  been  avoided.  I 


MICHAEL  H.  HUGOS 

A  Week  in 
The  Life  of 
Agile  IT 

OK,  LISTEN  UP,  my 

Agility  Corps  friends. 
Here’s  the  situation. 
Your  company  acquired  a 

new  operating  unit  and  needs  to  pro¬ 
vide  systems  for  it  to  meet  its  business 
objectives.  Headquarters  sent  out  a 
bunch  of  analysts,  but  things  got  too 
complex.  The  fog  closed  in.  It’s  past 
90  days  now,  and  all  that’s  been  pro¬ 
duced  are  half-baked  program  code 
that  crashes  unexpectedly  and  loose- 
leaf  binders  full  of  incoherent  specifi¬ 
cations.  Your  company  needs  to  turn 
things  around  fast.  Are  you  ready? 

Here’s  what  we’re  going  to  do.  We’re 
going  to  send  in  a  four- 
person  agility  team. 

Those  four  people 
need  to  be  competent 
in  all  six  core  tech¬ 
niques  and  masters 
of  some  of  them.  The 
team  leader  has  to  be 
a  master  of  joint  ap¬ 
plication  design  (JAD) 
and  process  mapping. 

One  team  member 
needs  to  be  a  master 
of  data  modeling,  and 
another  a  master  of 
system  prototyping. 

We’ll  start  bright 
and  early  on  Monday. 

People  at  the  operating 
unit  have  been  told  to 
expect  you.  They’re 
angry  and  demoral¬ 
ized,  so  you  need  to  get 
things  in  hand  quickly. 

Upon  arrival,  the  team  will  convene  a 
JAD  session.  They  need  to  calm  people 
down  and  then  agree  on  a  one-week 
schedule  to  produce  the  conceptual 
designs,  project  plans  and  budgets  for 
Version  1.0  of  the  systems  they  need. 

Start  by  using  process  mapping  to 
cut  through  the  fog  (see  my  last  col¬ 
umn,  “Factoring  Complexity,”  April 
10).  By  the  end  of  the  first  day,  you  will 
have  a  working  set  of  process  maps 
and  have  gotten  started  on  the  data 
model.  In  JAD  sessions  on  Tuesday, 
the  team  will  review  and  revise  the 
process  maps  as  needed  and  finish  the 
data  model.  On  Wednesday,  the  team 
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THE  AGILITY  CORPS: 

What  Michael  Hugos  calls  IT-business 
operations  experts  who  successfully  ap¬ 
ply  combinations  of  six  core  techniques 
to  deliver  quick,  80%  solutions  to  busi¬ 
ness  problems  (see  “The  Future  Belongs 
to  the  Agile,”  March  13). 

will  work  on  its  own  to  create  concep¬ 
tual  designs  for  the  needed  systems. 

You  already  know  which  company 
systems  you  can  use.  Identify  those 
available  at  the  new  operating  unit  and 
create  conceptual  system  designs  to 
leverage  what’s  already  there.  Add  new 
packages  or  custom  code  only  when 
necessary.  Sketch  out  screen  sequences 
to  illustrate  the  user  interfaces  of  these 
systems.  Then  draw  the  high-level 
technical  architecture  diagrams. 

On  Thursday,  review  these  designs 
with  people  at  the  operating  unit  and 
adjust  them  as  needed.  The  team  leader 
is  going  to  need  real  mastery  of  JAD 
technique  to  keep  folks  focused  on  the 
most  important  requirements.  There 
is  going  to  be  serious  pressure  to  ex¬ 
pand  scope.  The  fog  will  start  to  creep 
back  in.  Use  the  process  maps,  the  data 
model  and  the  conceptual  designs  to 
get  and  keep  agreement  on  the  most 
important  systems  functionality. 

On  Friday,  put  together  a  set  of  initial 
plans  and  budgets  that  shows  how  the 
first  versions  of  these  systems  get  built. 
Design  systems  that  can  be  delivered 
within  three  months.  We’re  looking 
for  elegant  simplicity.  Identify  and  auto¬ 
mate  just  the  routine  tasks  and  empower 
people,  not  computers,  to  handle  the  rest. 

These  will  be  long  days.  There  will 
be  moments  when  complexity  threat¬ 
ens  to  overwhelm  you.  The  agility 
team  is  going  to  get  more  done  in  a 
week  than  a  bunch  of  plodding  analysts 
got  done  in  three  months.  But  if  you 
know  your  core  techniques  and  stay 
calm,  it’s  doable.  Everyone  who  wants 
onto  this  team,  step  forward. 


Some  recruits  pointed  out  that  the  equa¬ 
tion  in  my  last  column  was  unsolvable 
and  should  have  equaled  something  other 
than  zero.  I’ve  just  done  my  50  pushups.  * 


V.P.  KOCHIKAR 

Act  Before 
You  Must 

PROACTIVITY  IS  NOT  a 
virtue  that  is  evenly 
distributed  among  the 
members  of  the  human  race. 


IT  managers,  being  human, 
are  as  fallible  on  this  count 
as  anyone  else.  Laying 
meticulous  plans,  spending 
hours  developing  elaborate 
lists  of  risks  and  negotiating 
every  last  detail  upfront  are 
things  that  don’t  come  natu¬ 
rally  to  most  of  us. 

After  all,  we  need  to 
believe  that  we  succeed 
by  virtue  of  smartness, 
innovativeness  and  flair, 
rather  than  painstaking 
and  resolute  groundwork. 

And  in  most  companies, 
crisis  management  is  seen 
as  macho,  and  thinking  on 
one’s  feet  is  admired.  Action 
has  romantic  appeal;  pre¬ 
paring  for  action  doesn’t. 

But  if  you  don’t  like  surprises  that 
come  in  the  form  of  customer  com¬ 
plaints  and  missed  deadlines,  you  have 
to  do  some  groundwork.  Curtly  telling 
your  team  “Make  sure  there  are  no 
surprises”  is  easy.  It’s  more  difficult  to 
ensure  that  the  folks  reporting  to  you 
understand  that  springing  nasty  sur¬ 
prises  is  unfair  to  the  customer. 

You  have  to  put  mechanisms  in  place 
to  ensure  that  there  are  no  surprises. 
Considerable  organizational  where¬ 
withal  exists  to  forestall  surprises  in 
application  development.  The  Capabil¬ 
ity  Maturity  Model,  the  V  Model  and, 


indeed,  a  large  proportion 
of  development  method¬ 
ologies  and  quality  frame¬ 
works  have  at  their  core  the 
principle  that  an  ounce  of 
prevention  is  better  than 
a  pound  of  cure.  If  uncer¬ 
tainty  or  risk  is  high,  itera¬ 
tive  software-development 
methodologies  are  available. 

Of  course,  these  frame¬ 
works  and  methodologies 
are  often  mandated  within 
the  organization.  When 
that’s  the  case,  it  doesn’t 
take  much  proactivity  to  fol¬ 
low  them.  The  true  test  of  a 
mature  manager  is  to  go  be¬ 
yond  minimal  adherence  to 
those  elements  of  the  frame¬ 
work  against  which  you  will 
be  evaluated  —  to  truly  understand  the 
intent  behind  the  framework,  and  then 
to  be  proactive  in  upholding  that  intent. 

The  way  we  reward  and  recognize 
staffers  can  be  critical  in  delivering  the 
message  that  planning  and  foresight 
are  important  tools  in  ensuring  that  no 
surprises  crop  up.  When  you  single  out 
the  most  capable  among  those  report¬ 
ing  to  you,  look  for  people  who  exhibit 
the  following  behaviors: 

■  They  start  each  task  by  consulting 
available  organizational  repositories 
(formal  and  informal),  so  they  can 
build  on  the  experience  of  others. 


■  They  build  detailed  lists  of  risks 
and  contingency  plans. 

■  They  adhere  to  templates  and  proc¬ 
esses  in  spirit  and  not  just  in  letter. 

■  They  maintain  their  own  check¬ 
lists  and  guidelines  for  every  activity 
and  contribute  these  to  the  organiza¬ 
tional  repository. 

■  They  learn  from  failures  so  that  a 
mistake  is  never  repeated. 

■  They  create  and  nurture  listening 
mechanisms  that  give  advance  indica¬ 
tion  of  what  customers,  vendors,  com¬ 
petitors  and  employees  are  thinking 

—  in  short,  an  early  warning  system. 

■  They  set  quantitative  targets  for 
cost,  effort  and  quality  and  always  know 
where  they  stand  on  those  targets. 

■  They  don’t  accept  a  progress  re¬ 
port  at  face  value  but  can  delve  into  its 
content  by  asking  the  right  questions 

—  that  is,  they  realize  that  coding  is 
“90%  complete  half  the  time.” 

■  They  mentor  their  teams  and  serve 
as  positive  examples. 

A  tongue-in-cheek  corollary  to  Mur¬ 
phy’s  Law  states:  “There’s  never  time 
to  do  it  right,  but  there’s  always  time 
to  do  it  over.”  Which  would  you  rather 
spend  your  time  on  —  doing  it  right,  or 
doing  it  over?  > 


OMore  columnists  and  links  to  archives  of  previous 
columns  are  on  our  Web  site: 


www.computerworld.com/columns 


E-bills  Will  Become 
The  Norm  in  Time 

I  AGREE  WITH  Barbara 
Gomolski’s  main  points  in  her 
article  “Automated  Billing:  Have 
We  Gone  Too  Far?”  [March  20], 
As  time  goes  on,  more  and  more 
companies  are  pushing  their  cus¬ 
tomer  base  to  move  to  e-delivery 
of  their  billing  statements. 

I  find  it  disingenuous  that  they 
tell  us  that  they  are  asking  us  to 
move  to  paperless  bills  from  some 
sense  of  ecological  responsibility 
-  unless  of  course,  money  really 
does  grow  on  trees.  Fact  is,  they 
save  oodles  of  dollars  by  not 
sending  out  paper  bills. 

But  here  is  something  that  I  be¬ 
lieve  Gomolski  may  have  missed: 
As  we  move  toward  e-bills  by  the 
tens  of  thousands,  the  rest  of  the 
folks  that  either  cannot  or  will 
not  move  to  e-bills  will  find  that  it 
is  costing  them  more  to  receive 
paper.  Why?  With  fewer  people 


getting  the  paper  bills,  the  cost 
per  mailing  increases. 

Ray  Negrdn 
Service  manager, 

Wellington,  Fla. 

Rigorous  Oversight 
From  U.S.  Gov’t? 


i 


WONDER  IF  I  am  the  only 
reader  who  saw  the  irony  in 
Don  Tennant’s  editorial  “Filling 
a  Void"  [April  3],  Tennant  states 
that  “the  U.S.  government’s  well- 
established,  rigorous  security 
certification  process  would  have 
uncovered  the  dastardly  deed”  if 
Lenovo’s  contract  with  the  U.S. 
State  Department  were  to  be  a 
means  for  China  to  spy  on  the 
State  Department. 

A  mere  seven  pages  earlier  in 
the  same  issue  are  the  follow¬ 
ing  headlines:  “State  Workers 
Warned  of  Florida  Data  Leak,"  and 
‘IRS  Still  Puts  Taxpayer  Data  at 
Risk,  Says  GAO.” 


I  had  to  laugh  at  Tennant’s 
comments,  considering  all  of  the 
information  that  Computerworld 
has  provided  regarding  the  poor 
state  of  our  government’s  IT 
departments.  Don’t  be  too  sure 
that  Uncle  Sam  doesn’t  have  his 
password  written  on  a  Post-it  note 
stuck  to  his  monitor. 

GaryS.  Netherton 
Senior  design  engineer, 

Dayton,  Ohio 

No  Zero-Sum  Game 

Reading  through  Mi 

chaelH.  Hugos’ April  10  col¬ 
umn  in  Computerworld  on  “Factor¬ 
ing  Complexity,”  I  was  surprised 
to  find  that  his  easily  factored 
problem  was  more  complex  than 
he  thought.  In  fact,  his  problem  is 
so  complex  that  it  is  unsolvable. 
Although  we  all  learned  early  on 
that  division  by  zero  is  not  pos¬ 
sible,  we  often  forget  this  rule  in 
performing  algebra.  Setting  the 


equation  to  any  number  other  than 
zero  would  work. 

Do  note  that  even  with  this  sim¬ 
plification,  one  must  take  care  in 
solving  forx  and  y.  Just  plugging 
random  values  in  forx  can  lead  to 
y  being  an  imaginary  number.  Pei- 
haps  you  are  OK  with  imaginary 
answers  to  your  equation,  but  I 
don’t  think  you  want  an  imaginary 
solution  to  your  business  problem. 
Nic  Stevens 
Corvallis,  Ore. 

COMPUTERWORLD  welcomes 
comments  from  its  readers.  Letters 
will  be  edited  for  brevity  and  clarity. 
They  should  be  addressed  to  Let¬ 
ters  Editor,  Computerworld,  PO  Box 
9171, 1  Speen  Street,  Framingham, 
Mass.  01701.  Fax:  (508)  879-4843. 
E-mail:  lettersfDcomputerworld. 
com.  Include  an  address  and  phone 
number  for  immediate  verification. 

OFor  more  letters  on  these 
and  other  topics,  go  to 

www.computerwor1d.com/letters 


V.P.  KOCHIKAR  is  an 

associate  vice  president  at 
Infosys  Technologies  Ltd., 
where  he  focuses  on 
strategic  foresight,  tech¬ 
nology  risk  management 
and  intellectual  capital 
management.  The  views 
expressed  here  are  his 
own,  not  his  employer's. 
He  can  be  contacted  at 
kochikvp@infosys.com. 


AMD 


with  the  amount  of 
non-AMD  powered 


How  long  have  you  been  putting  up  with  servers  that  waste  power;  waste  money,  and  thanks  to  slow  performance  waste 
everyone's  time?  Now  you  can  make  your  data  center  the  coolest  room  in  the  building  without  replacing  your  existing 
power  and  cooling  envelope.  AMD  Opteron™  processor-based  servers,  on  the  other  hand,  are  designed  to  run  efficiently, 
run  cool,  and  thanks  to  dual-core  technology  deliver  increased  performance.To  learn  more  about  maximum  performance, 
cost  savings,  and  the  power  of  cool  visit  www.amd.com/lessenergy 
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FUTURE  WATCH 

Computer  Science  Looks  for  a  Remake 

Six  computer  science  professors  discuss  how  IT 
can  regain  its  appeal  as  a  career  choice,  how  col¬ 
lege  computer  science  programs  can  sharpen  their 
focus  on  users  of  technology  and  what  will  happen 
when  Moore’s  Law  no  longer  applies.  PAGE  26 


Geek’s  Garden 

On  this  week’s  stroll  through  the  tech¬ 
nology  landscape,  we  stop  to  consider 
avian  flu,  single-molecule  electronics 
and  the  origins  of  compilers  —  includ¬ 
ing  the  role  Grace  Hopper  played  while 
working  on  an  early  Univac.  PAGE  30 


SECURITY  MANAGER’S  JOURNAL 

Of  Laptops,  Caffeine, 

Nicotine  and  Chocolate 

Laptop  security  concerns  give 
C.J.  Kelly  a  headache  that  a  regimen 
of  M&Ms,  lattes,  allergy  medicine  and 
even  nicotine  can’t  cure.  PAGE  32 


As  virtual  machines  enter 
the  enterprise  in  increasing  numbers, 

administrators  face  a  different  set  of 

management  challenges. 


By  Robert  L.  Mitchell 

IT  STARTED  OUT  as  a  way  to 

save  money  when  Gannett  Co. 
was  adding  new  servers  back 
in  2002.  Now,  says  Eric  Kuz- 
mack,  IT  architect  at  the 
McLean,  Va.-based  newspaper 
publisher,  “we  have  a  couple 
hundred  virtual  machines  in  our  data 
center.”  Virtualization  technology  has 
increased  IT  staff  efficiency  by  allow¬ 
ing  virtual  servers  to  be  deployed  in 
days  instead  of  the  weeks  required  to 
provision  physical  machines. 

But  as  virtual  machine  technology 
moves  out  of  development  labs  and 
into  production  server  environments 
in  large  numbers,  some  administrators 
are  finding  that  the  growth  of  virtual 
servers  is  getting  ahead  of 
the  tools  available  to  effec¬ 
tively  manage  them. 

Existing  server-monitor¬ 
ing  tools  are  increasingly 
aware  of  virtual  servers,  but 
most  aren’t  yet  sophisticated 
enough  to  interpret  feedback 
in  a  virtual  machine  context 
—  much  less  act  on  it.  “They 
don’t  take  into  account  the  particulars 
of  virtual  machines,”  says  Frank  Gillett, 
an  analyst  at  Forrester  Research  Inc. 

For  example,  a  virtual 
machine  may  be  running  at 
100%  utilization  but  using 
only  a  fraction  of  the  un¬ 
derlying  server’s  resources. 

“Some  of  the  things  you 
monitor  no  longer  mean  the 
same  thing,”  Kuzmack  says. 

“It  would  be  nice  if  all  of 
our  standard  tools  worked 
in  the  virtual  space,  but  they 
don’t,  and  it  doesn’t  look 
like  they’re  going  to  any¬ 


I  i  ow  Much 


Tools  that  automate 
the  process  of  tracking 
virtual  machine  utilization 
for  chargebacks  aren't 
available  -  yet. 

(7.  ..computerworfri:. 
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time  soon,”  says  Norm  Fjeldheim,  CIO 
at  Qualcomm  Inc.  in  San  Diego.  He  is 
evaluating  tools  targeted  at  virtual  ma¬ 
chine  management  to  fill  the  gap. 

For  many  organizations,  identifying 
the  root  cause  of  virtual  server  problems 
and  rectifying  them  remains  largely  a 
manual  process.  As  the  number  of  virtu¬ 
al  machines  in  the  data  center  increases, 
solving  those  problems  in  an  automated 
way  becomes  more  urgent. 

Performance  monitoring  is  just  one 
aspect  of  virtual  machine  management. 
Other  tasks  include  optimizing  the  mix 
of  virtual  machines  that  should  reside 
on  each  physical  server  to  achieve  the 
best  possible  performance;  automat¬ 
ing  virtual  machine  provisioning,  load 
balancing,  patch  management,  configu¬ 
ration  management  and  fail-over;  and 
enabling  policy-based  orchestration  to 
automatically  trigger  the  appropriate 
responses  to  events. 

For  some  functions,  such  as  patch 
management,  existing  tools  work  fine, 
says  Paul  Poppleton,  a  senior  staff  en¬ 
gineer  at  Qualcomm.  In  other  areas,  he 
says,  “we’re  getting  the  best  wins  on 
the  tools  that  take  into  account  the  fact 
that  systems  are  virtualized.” 

Even  organizations  just  starting  vir¬ 
tual  server  projects  can  quickly  run  into 
management  challenges.  Once  the  deci- 

_  sion  is  made  to  introduce 

virtual  servers,  the  numbers 
can  increase  much  more 
rapidly  than  expected  be¬ 
cause  it  becomes  easier  to 
procure  new  servers,  says 
Poppleton.  “Tack  on  20%  or 
30%  to  what  you  planned  on 
for  growth,  because  it  can 
really  take  off  on  you,”  he 
warns.  Qualcomm  has  1,280 
VMware  ESX  Server  virtual 
machines  company  wide 
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VIRTUALIZATION  TECHNOLOGY  may 
make  provisioning  of  individual  servers  faster 
and  easier,  but  the  process  can  still  take  up 
increasing  amounts  of  administrators’  time  as 
the  number  of  requests  increases.  The  most 
demanding  groups  tend  to  be  development 
reams,  which  routinely  build  and  tear  down 
virtual  machines  as  testing  platforms. 

“We  were  getting  a  lot  of  requests  from 
developers  to  spin  up  these  machines  in 
ESX  Server,"  says  Stewart  Hubbard,  director 
of  IT  engineering  at  clothing  retailer  Cold- 
water  Creek.  The  developers  didn’t  like  to 
wait,  but  giving  them  access  to  the  produc¬ 
tion  interface,  VMware's  VirtualCenter, 
wasn’t  feasible.  So  Hubbard  is  rolling  out 
Slingshot,  a  self-service  provisioning  tool 
from  Akimbi  in  San  Mateo,  Calif.,  that  lets 
developers  provision  and  deprovision  their 
own  virtual  machines. 

Akimbi  is  one  of  several  vendors  offering 
such  tools.  Others  include  Surgient  Inc.,  Enig- 


that  run  a  mix  of  Windows  and  Linux. 
About  850  virtual  machines  are  running 
in  Qualcomm’s  data  center,  with  each 
physical  server  hosting  an  average  of  10 
virtual  machines. 

Even  fine-tuning  the  performance  for 
as  few  as  10  virtual  machines  can  be  a 
challenge.  “One  place  where  we’ve  had 
trouble  is  trying  to  manage  the  resourc¬ 
es  on  a  single  physical  host,”  says  Pop- 
pleton.  VMware  Inc.’s  VirtualCenter  2 
management  software,  which  Qual¬ 
comm  is  beta-testing,  should  help  with 
that,  he  says.  The  software  is  expected 
to  ship  in  the  first  half  of  this  year. 

Finding  the  Right  Tool 

Kuzmack  is  also  beta-testing  Virtual- 
Center  2.  One  component,  Data  Re¬ 
source  Scheduler,  aggregates  servers 
into  pools  that  can  be  assigned  to  groups 
and  managed  through  policies  that  the 
administrator  creates.  “We  can  take 
a  group  of  physical  servers  and  carve 
them  up  into  resource  pools  where  we 
can  set  high-level  and  low-level  limits 
and  resource  guarantees,”  he  says.  An¬ 
other  feature,  Distributed  Availability 
Service,  automatically  moves  virtual 
machines  to  a  new  physical  server  and 
restarts  them  after  a  physical  server  fails. 

Kuzmack  is  also  working  on  basic 
monitoring.  He  wants  to  integrate  VM- 
ware’s  VirtualCenter  control  software 
with  Gannett’s  Microsoft  Operations 
Manager  (MOM)  software.  Other  than 
basic  performance  metrics,  “we  haven’t 


matec  Corp.  and  Platform  Computing. 

Developers  at  Coldwater  Creek  choose 
from  a  library  of  virtual  machine  images.  Pre¬ 
defined  amounts  of  virtual  machine  resources 
are  allocated  to  individuals  or  groups.  Hub¬ 
bard  says  the  developers  can  provision  the  re¬ 
sources  they  need  when  they  need  them  and 
then  release  them  when  they’re  done.  “There 
aren't  [idle]  resources  running  all  of  the  time," 
he  says.  In  addition.  Slingshot  can  provision 
virtual  environments  for  multitiered  applica¬ 
tions  and  group  together  virtual  servers  into  a 
single,  integrated  environment. 

The  arrangement  is  a  win-win  setup  for 
IT  and  the  end  users.  Administrators  retain 
control  over  resource  use,  while  developers 
get  the  resources  they  need  without  going 
through  red  tape.  “We  want  to  segment  the 
developers  from  production  but  still  give  them 
the  ability  to  work  as  quickly  as  they  need  to,” 
Hubbard  says. 


determined  what  we  want  to  expose  to 
the  MOM  console  yet,”  he  says. 

Jim  Ni,  senior  technical  product  man¬ 
ager  at  Microsoft  Corp.,  says  the  com¬ 
pany  is  working  on  adding  more  virtual 
machine  management  capabilities  to 
its  management  tools,  but  it’s  not  there 
quite  yet.  For  example,  Systems  Man¬ 
agement  Server  can  manage  physical 
machine  image  libraries  but  can’t  differ¬ 
entiate  between  an  image  for  a  physical 
machine  and  a  virtual  machine  image. 

Poppleton  is  using  VirtualCenter  but 
says  he  also  needs  more  cross-platform 
tools.  “Right  now,  we’re  a  VMware 
shop,  but  in  the  future  that  may  not  be 
true,”  he  says.  He’s  considering  using 
VirtuallQ,  a  virtual  machine  manage¬ 
ment  tool  suite  being  developed  by 
ToutVirtual  Inc.  in  Carlsbad,  Calif.  It 
supports  automated  provisioning,  ca¬ 
pacity  management  and  security. 

He’s  also  looking  at  tools  for  “grid- 
style  management  of  physical  and 
virtual  systems,”  such  as  VM  Orches- 
trator  from  Platform  Computing  Inc. 
in  Markham,  Ontario.  VMO  optimizes 
capacity  by  dynamically  allocating  and 
controlling  virtual  machine  resources 
and  utilization  levels  based  on  user- 
defined  policies. 

Both  ToutVirtual  and  Platform  Com¬ 
puting  currently  support  VMware,  but 
both  have  also  announced  plans  to  sup¬ 
port  Microsoft  Virtual  Server  and  the 
open-source  Xen  virtual  machine  moni¬ 
tor.  In  the  interim,  Poppleton’s  staff  has 


had  to  develop  some  of  its  own  tools. 

“We’re  in  the  first  phases  of  automated 
provisioning,”  he  says,  adding  that  Qual¬ 
comm  wrote  its  own  utilities  because  it 
couldn’t  find  a  tool  that  met  all  its  needs. 

Christopher  Ware,  assistant  vice 
president  of  technology  services  at  a 
Wall  Street  brokerage  house,  recently 
deployed  BMC  Virtualizer,  an  orches¬ 
tration  and  provisioning  tool  that’s  part 
of  a  suite  of  virtual  machine  manage¬ 
ment  tools  from  Houston-based  BMC 
Software  Inc.  “It  gives  us  policy-driven 
responses  to  resource  utilization  is¬ 
sues,”  he  says.  The  tool  also  can  sup¬ 
port  virtual  machines  created  with  Xen, 
VMware  and  Virtual  Iron,  all  of  which 
are  running  at  the  brokerage. 

Like  other  cross-platform  tools, 
Virtualizer  integrates  with  APIs  from 
VMware  and  other  virtual  machine 
software  to  automate  the  execution  of 
those  proprietary  tools.  For  example, 
Virtualizer  supports  the  automated 
movement  of  virtual  machines  between 
physical  servers  in  VMware  environ¬ 
ments  using  VMotion. 

Ware,  whose  company  prefers  to  re¬ 
main  anonymous,  says  that  getting  BMC 
Virtualizer  to  work  with  all  of  his  virtual 
machines  wasn’t  exactly  a  plug-and-play 
experience  —  especially  since  no  com¬ 
mon  standards  exist.  In  his  environment, 
“there  was  a  significant  amount  of  coding 
and  customization  required  to  do  a  lot 
of  the  virtual  provisioning,”  he  says,  and 
that  accounted  for  the  bulk  of  the  deploy¬ 
ment  costs.  A  BMC  spokesman  says  the 
product  works  out  of  the  box  with  more 
than  50  applications. 

“Where  standards  would  really  help 
is  these  interfaces  for  controlling  and 
manipulating  virtual  machines  and  get¬ 
ting  feedback  on  them,”  says  Forrester’s 
Gillett,  noting  that  basic  virtualization 
is  being  commoditized  at  the  chip  and 
operating  system  levels.  VMware,  Xen 
developers,  Intel  Corp.  and  others  are 


/irtual  Machines 

On  the  March 
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-  of  organizations  nave 

implemented  virtual  machine  technology, 


ization  plan  to  increase  use  of  the  tech¬ 
nology  in  the  next  12  months. 

Base:  1,221  organizations  with  1*000  employees 
or  more 

SOURCE:  FEB,  22.  200 <?.  FORRESTER  T Rf.'N 0S  "SERV¬ 
ER  Virtualization  goes  mainstream"  survey,. 
FORRESTER  RESEARCH  INC.,.-  CA^BRieGE,  MASS, 


MYou  need 

something 

that  manages  the  vir¬ 
tual  and  the  physical 

together 

Frank  Gillett,  analyst, 

FORRESTER  RESEARCH  INC. 

discussing  the  need  for  higher-level  stan¬ 
dards  but  have  yet  to  reach  a  consensus. 

Stewart  Hubbard,  director  of  IT 
engineering  at  Coldwater  Creek  Inc.,  a 
clothing  retailer  in  Sandpoint,  Idaho,  has 
about  60  production  servers  running  in 
ESX  Server  virtual  machines.  He  says 
resource  allocation  is  a  big  issue. 

“When  a  particular  machine  starts 
to  get  hammered  and  the  resources 
aren’t  available,  you’ll  see  a  noticeable 
dip,  and  the  end  users  will  notice  it,”  he 
says.  Right  now,  he  uses  VirtualCenter 
to  address  the  issues,  one  machine  at  a 
time.  And  because  not  all  application 
vendors  support  their  software  run¬ 
ning  in  virtual  machines,  he  uses  a  tool 
from  PlateSpin  Ltd.  to  migrate  virtual 
machines  back  onto  physical  servers 
for  technical  support  purposes. 

While  virtualization-specific  man¬ 
agement  tools  are  a  good  option  today, 
ultimately,  “you  need  something  that 
manages  the  virtual  and  the  physical 
together,”  says  Gillett.  BladeLogic  Inc., 
which  offers  a  virtualization-aware 
configuration  life-cycle  management 
tool,  contends  that  a  single  set  of  policies 
should  control  both  worlds.  Once  the 
policy  and  “personality”  of  a  server  are 
defined,  “every  instance  of  the  server, 
whether  physical  or  virtual,  is  treated 
more  as  a  compliance  exercise,”  says 
Vick  Vaishnavi,  director  of  product  mar¬ 
keting  at  BladeLogic  in  Waltham,  Mass. 

Qualcomm’s  Fjeldheim  says  he  sees 
no  reason  to  wait  for  all  the  pieces  of 
the  management  puzzle  to  come  to¬ 
gether.  Integrated  tools  would  be  nice 
to  have,  but  “we’re  happy  to  use  the 
tools  that  are  specific  to  the  virtual 
environment.  It’s  not  that  big  a  deal,” 
he  says. 

Today,  it’s  the  early  adopters  in  in¬ 
dustries  such  as  financial  services  that 
are  encountering  management  issues 
with  what  vendors  like  to  call  “virtual 
machine  sprawl,”  but  the  pain  will 
spread  as  more  companies  ramp  up  the 
number  of  virtual  servers  in  use  be¬ 
tween  now  and  next  year,  analysts  say. 

“Implementing  this  stuff  is  the  begin¬ 
ning  of  rethinking  how  you  manage 
your  IT  infrastructure,”  says  Gillett. 
“You  won’t  get  far  without  thinking 
about  data  center  automation.”  » 


ROBERT  L.  MITCHELL 


THE  REAL  POINT  OF  I.T.  IS  NOT 
TO  OPTIMIZE  YOUR  APPLICATIONS 

THE  REAL  POINT  IS  TO 
OPTIMIZE  YOUR  BUSINESS. 


When  your  I.T.  department  is  busy  with  SAP R 
and  Oracle R  implementations,  upgrades, 
and  consolidations,  sometimes  it’s  hard  to 
remember  there  is  a  reason  for  all  this: 
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Computer 

Science 
Looks  for 
A  Remake 

How  can  CS  become  an  appealing 
career  choice  again?  Robot  dogs,  a 
new  focus  on  users  and  a  prime- 
I  time  TV  show.  By  Gary  Anthes  i 


Two  of  the  world’s  premier  facilities  for 
research  and  education  in  computer 
science  are  celebrating  big  birthdays 
this  spring.  Stanford  University’s  CS 
department  observed  its  40th  birthday 
in  March,  and  Carnegie  Mellon  Univer¬ 
sity’s  school  of  CS  passed  the  half- 
century  mark  last  month. 

Despite  the  celebrations  on  both 
campuses,  there  is  a  deep  malaise 
in  computer  science  these  days. 
Professors  bemoan  falling  enrollments, 
a  decline  in  prestige  and  a  lack  of  at¬ 
tention  to  real-world  problems.  But, 
paradoxically,  they  say  the  future  of  CS 
has  never  been  brighter,  both  within  the 
discipline  and  in  fields  that  computer 
technology  will  increasingly  influence. 
Computerworld’s  Gary  Anthes  recently 
asked  six  CS  professors  what  lies  ahead 
for  the  field. 


costs,  CS  will  play  the  key  role.  I  see 
CS  as  a  sort  of  universal  science.  We’re 
beginning  to  pervade  everything. 

Chazelie:  CS  is  the  new  “new  math,” 
and  people  are  beginning  to  realize 
that.  CS,  like  math,  is  unique  in  the 
sense  that  many  other  disciplines  will 
have  to  adopt  that  way  of  think¬ 
ing.  It  offers  a  sort  of  conceptual 
framework  for  other  disciplines, 
and  that’s  fairly  new. 

Carbonell:  There  are  many  more 
innovations  in  the  works  —  reliable 
speech  understanding,  high-quality 
machine  translation,  lightweight,  high- 
capacity  e-books,  theft-proof  electronic 


wallets  and  so  on.  These  innovations 
often  require  better  tools,  extended 
programming  languages  and  even  new 
processor  architectures. 

And  we  must  see  if  other  models  of 
computing  could  surpass  the  tried  and 
true.  Nanotechnology  and  quantum 
computing  could  well  be  fundamental 
ingredients  in  the  next  revolution  in 
computing.  Massively  parallel  com¬ 
putation  based  on  swarms  of  conven¬ 
tional  chips  underlies  another  potential 
revolution. 

Canny:  Computers  aren’t  very  valu¬ 
able  yet,  because  the  applications  they 
perform  are  still  elementary  and  rou¬ 
tine.  It’s  actually  remarkable  how  much 
we  spend  on  IT,  considering  how  little 
it  does.  The  most  widespread  applica¬ 
tions  are  still  e-mail  and  Microsoft 
Office.  That  should  tell  us  something. 

What  we  really  need  to  be  thinking 
about  is  what  people  are  doing  with 
computers  and  how  we  could  help 
them  to  do  those  things  much  better. 
Since  most  people  are  doing  knowledge 
tasks,  that  means  machines  under¬ 
standing  their  owners’  work  processes 
much  more  deeply,  finding  semanti¬ 
cally  appropriate  resources  with  or 
without  being  asked,  critiquing  choices 
and  suggesting  better  ones,  and  track¬ 
ing  synergies  with  other  groups  within 
a  large  organization. 

Computers  will  leverage  the  human 
resources  in  the  company  more  at  a 
knowledge  level.  They  will  directly  tie 
what  they  do  to  the  creative  processes 
of  employees.  The  economic  impact  of 
that  would  be  much  bigger  than  any¬ 
thing  we  have  seen  so  far. 

Q Which  areas  in  CS  will  show  the 
most  important  and  interesting  ad¬ 
vancements  in  the  next  few  years? 
Chazelie:  Definitely  algorithms.  What 
are  the  most  amazing  technological 
breakthroughs  in  recent  years?  TCP/ 

IP,  whole-genome  shotgun  sequenc- 


We’ve  had  a  fun 
childhood  with¬ 
out  many  cares,  but 
now  we’re  grown, 
and  we  have  to  fig¬ 
ure  out  what  we  can 
do  for  the  world  that 
really  matters. 

JOHN  CANNY,  UNIVERSITY 
OF  CALIFORNIA.  BERKELEY 


ing,  Google,  quantum  factoring  —  all 
of  them  algorithms.  We’re  in  for  huge 
surprises. 

Bryant:  A  recent  big  growth  area  in 
computing  has  been  in  using  statisti¬ 
cal  methods  to  process  vast  quantities 
of  data.  Google  is  a  prime  example  of 
that:  They  can  return  a  query  to  you  in 
a  few  seconds  based  on  the  contents  of 
the  entire  [Web],  How  do  they  do  it?  By 
maintaining  massive  data  repositories 
that  allow  thousands  of  processors  to 
operate  on  terabytes  of  data. 

This  data-centric  style  of  comput¬ 
ing  will  drive  many  future  efforts 
in  natural-language  translation  and 
understanding,  astronomy  and  even 
epidemiology. 

For  example,  we  have  a  project  that 
provides  early  detection  of  public 
health  concerns  by  monitoring  the 
sales  of  cough  and  cold  remedies  at 
regional  pharmacies  —  giving  a  heads- 
up  before  doctors  start  seeing  disease 
trends  among  their  patients. 

Birman:  I’m  convinced  that  we’re 
reaching  a  point  where  trustworthy 
computing  will  finally  overcome  its 
historical  market-failure  problems 
and  become  a  commonplace  require¬ 
ment.  And  I  see  massive  databases  as 

Continued  on  page  28 
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QHow  important  is  computer  science 
as  a  discipline  today? 

Birman:  The  importance  of  CS  has 
never  been  greater.  We’re  discovering 
ways  to  build  just  about  everything 
out  of  small,  simple  mechanisms  glued 
together  with  software,  so  no  matter 
what  you  do,  CS  tends  to  be  inside.  And 
the  scope  of  this  new  CS  is  amazing: 
We’re  at  the  center  of  the  action  in  biol¬ 
ogy,  nanotechnology,  particle  physics. 
If  society  is  ever  going  to  slash  medical 
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Continued  from  page  26 
a  huge  area  and  opportunity,  particu¬ 
larly  when  the  data  is  intrinsically 
distributed. 

Web  services  will  be  the  next  in¬ 
teroperability  standard,  engulfing 
CORBA  but  going  further.  The  world 
is  going  to  become  interoperable,  and 
this  leads  to  large-scale,  distributed, 
service-oriented  architectures.  There’s 
a  lot  of  research  to  do,  but  this  is  going 
to  be  a  phenomenally  large  thing,  much 
larger  than  the  original  Web  revolu¬ 
tion. 

Carbonell:  Artificial  intelligence.  Al¬ 
though  those  words  may  be  somewhat 
out  of  fashion  these  days,  much  of  the 
deep  excitement  and  universally  useful 
apps  descend  therefrom.  For  example: 
speech  understanding  and  synthesis  in 
handheld  devices,  in  cars,  in  laptops; 
machine  translation  of  text  and  spoken 
language;  new  search  engines  that  find 
what  you  want,  not  just  Web  pages 
that  contain  query  words;  self-healing 
software,  including  adaptive  networks 
that  reconfigure  for  reliability;  robotics 
for  mine  safety,  planetary  exploration; 
prosthetics  for  medical/nursing  care 
and  manufacturing;  game  theory  for 
electronic  commerce,  auctions  and 
their  design  to  ensure  fairness  and 
market  liquidity  and  maximize  aggre¬ 
gate  social  wealth. 

Qls  the  looming  end  of  Moore’s  Law 
a  key  driver  for  CS  today? 

Birman:  Not  in  my  view.  My  machine  is 
fast  enough.  Trustworthy  computing 
is  a  much  more  urgent  issue.  After  all, 
if  we  move  all  these  critical  systems  to 
computer  networks  and  don’t  solve  the 
trust  issue,  we’ll  be  cooked,  and  faster 
machines  are  really  not  going  impact 
that  issue  one  iota. 

Chazelle:  We’re  at  the  tail  end  of 
Moore’s  Law.  Because  of  power- 
dissipation  issues,  the  party’s  essential¬ 
ly  over.  Back  to  parallel  architectures. 
Huge  work  ahead. 

But  this  will  be  the  best  thing  that 
can  happen  to  CS.  Moore’s  Law  has 
been  tremendously  beneficial  to  soci¬ 
ety.  At  the  same  time,  it’s  been  so  damn 
powerful  that  it  has  set  back  the  devel¬ 
opment  of  algorithms.  But  that’s  about 
to  change.  Any  student  interested  in 
science  and  technology  needs  to  learn 
to  think  algorithmically.  That’s  the 
next  big  thing. 

Dally:  The  current  road  maps  show 
[Moore’s  Law]  continuing  for  at  least 
another  15  years.  Even  after  that  point, 
it  will  take  many  years  for  information 
systems  to  fully  exploit  the  densest 
semiconductor  devices.  One  can  also 
expect  that  other  technologies  may 


emerge  to  continue  scaling  —  perhaps 
in  a  different  way. 

Canny:  We’re  still  stuck  in  the  para¬ 
digm  of  “more  cycles,  more  value.” 

Now  is  the  time  to  really  start  looking 
around. 

The  market  for  computing  has 
changed  radically  and  irreversibly. 
What  really  matters  is  how  useful  our 
artifacts  are  to  the  people  who  are  buy¬ 
ing  them.  We  don’t  know  these  people 
anymore,  and  we  don’t  care  much 
what  they’re  doing  with  IT.  That  has 
to  change.  We’re  at  an  economic  cusp 
right  now.  Sales  have  slowed,  jobs  have 
slowed,  enrollments  have  slowed.  It’s 
not  a  technical  problem;  it’s  a  problem 
of  creating  value.  Every  mature  indus¬ 
try  has  to  face  that  eventually.  We’ve 
had  a  fun  childhood  without  many 
cares,  but  now  we’re  grown,  and  we 
have  to  figure  out  what  we  can  do  for 
the  world  that  really  matters. 

QHow  can  CS  be  made  a  more  at¬ 
tractive  choice  for  students? 

Bryant:  We  should  stop  scaring  them 
away.  Predicting  that  all  IT  jobs  will 
move  offshore  could  become  self- 
fulfilling.  New  jobs  are  growing  faster 
than  old  jobs  are  moving  offshore,  and 
that  trend  will  continue.  We  need  to 
stop  putting  them  to  sleep.  Students 
who  take  computer  science  classes  in 
high  school  are  taught  how  to  write 
programs  in  Java,  and  their  assign¬ 
ments  have  them  writing  code  that 
does  tedious  things  like  sort  lists  of 
numbers.  They  do  not  learn  about  any 
of  the  big  ideas  of  computer  science. 

Chazelle:  I  roll  my  eyes  when  I  hear 
students  say,  “CS  is  boring,  so  I’ll  go 
into  finance.”  Do  they  know  how  dull 
it  is  to  spend  all-nighters  running  the 
numbers  for  a  merger-and-acquisition 
deal?  No. 

People  have  run  away  from  CS  be¬ 
cause  they  are  worried  about  outsourc¬ 
ing.  This  is  a  valid  concern  that  can’t 
be  waved  away  by  simply  repeating  the 
mantra  that  CS  is  cool. 

Dally:  We  need  to  clear  up  many  mis¬ 
conceptions  about  the  field.  Prospec¬ 
tive  students  should  understand  that 
there  are  plenty  of  CS  jobs  in  the  U.S. 
and  they  pay  well,  that  most  CS  jobs 
involve  working  with  teams  of  people 
and  place  a  premium  on  communica¬ 
tion  skills  and  teamwork  —  it’s  not  just 
a  bunch  of  nerds  working  individually 
at  terminals  —  and  that  CS  is  so  cen¬ 
tral  to  so  many  aspects  of  our  economy 
that  a  CS  education  is  good  preparation 
for  many  careers. 

Canny:  We’re  losing  in  quality  — 
principally  to  bioengineering,  which 
is  now  the  best  students’  top  choice 


Looking  for 
Answers 

Carnegie  Mellon’s  Randal 
Bryant  says  there  are  many 
questions  he’d  like  computer 
science  to  tackle  more  effec¬ 
tively,  including  these: 

■  Why  do  spam  and  phishing 
attacks  constitute  50%  of  my 
e-mail  despite  multiple  levels 
of  filtering? 

■  Why  does  my  laptop  weigh 
5  lbs.  and  not  have  enough 
battery  life  to  get  me  through 
a  cross-country  trip? 

■  How  come  I  need  to  down¬ 
load  patches  from  Microsoft 
every  two  weeks  to  fix  prob¬ 
lems  with  buggy  software? 

■  Why  do  I  have  to  print  out 
documents  to  avoid  hurting 
my  eyes  reading  them  on  my 
screen? 

■  Why  can’t  I  search  my  digi¬ 
tal  photo  collection  for  images 
of  my  dog  catching  a  ball? 

■  Shouldn’t  people  be  able  to 
set  up  ad  hoc  networks  safely 
and  easily? 

■  Why  can’t  a  computer  drive 
a  car?  Or  a  wheelchair? 

■  Why  can’t  computer  pro¬ 
grams  translate  documents 
from  one  language  to  another 
with  the  same  quality  as  a 
professional  translator? 


—  and  diversity.  It’s  a  problem  of  so¬ 
cial  relevance.  Minorities  and  women 
moved  fastest  into  areas  such  as  law 
and  medicine  that  have  obvious  and 
compelling  social  impact.  We’ve  never 
cared  much  about  social  impact  in  CS. 

QHow  should  CS  programs  be 
modernized? 

Chazelle:  Much  of  the  curriculum  is  an¬ 
tiquated.  Why  are  we  still  demanding 
fluency  in  assembly  language  today  for 
our  CS  majors?  Some  curricula  seem 
built  almost  entirely  around  the  mas¬ 
tery  of  Java.  This  is  criminal. 

The  curriculum  is  changing  to  fulfill 
the  true  promise  of  CS,  which  is  to 
provide  a  conceptual  framework  for 
other  fields.  Students  need  to  under¬ 
stand  there’s  more,  vastly  more,  to  CS 
than  writing  the  next  version  of  Win¬ 
dows.  For  example,  at  Princeton,  we 
have  people  who  major  in  CS  because 
they  want  to  do  life  sciences  or  policy 
work  related  to  security,  or  even  high- 


tech  music.  In  all  three  cases,  we  offer 
tracks  that  allow  them  to  acquire  the 
technical  background  to  make  them 
intellectually  equipped  to  pursue  these 
cross-disciplinary  activities  at  the 
highest  level. 

Birman:  We  need  to  realize  that  we’re 
losing  a  lot  of  students  around  Grade 
10.  So  we  need  to  revamp  the  way  CS 
is  taught  in  high  school  to  focus  much 
less  on  programming  and  much  more 
on  problem-solving  and  puzzles.  Kids 
also  need  to  work  with  things  that 
are  fun  —  robot  dogs  that  follow  their 
owner  around  and  growl  at  people  who 
are  wearing  pink  socks  —  and  do  much 
less  coding.  Kids  need  to  be  grappling 
with  information  management  issues, 
like  the  challenges  of  securely  manag¬ 
ing  medical  records  and  the  legal  and 
ethical  issues  that  arise  if  we  put  moni¬ 
toring  systems  in  homes  to  keep  an 
eye  on  the  elderly,  or  in  cars  to  provide 
emergency  services. 

Q Bernard  Chazelle  says  CS  lacks  a 
“great  popularizer”  such  as  Ste¬ 
phen  Hawking  in  physics.  Does  CS  need 
such  a  person? 

Birman:  I  tend  to  view  Bill  Gates  as  our 
most  public  advocate,  but  I  agree  with 
Chazelle  about  this.  We  need  a  guy  like 
Oliver  Sacks  or  Carl  Sagan,  and  the 
field  doesn’t  have  anyone  in  this  role. 

Canny:  To  be  brutally  realistic,  I 
think  that  CS  as  it’s  constructed  today 
isn’t  as  exciting  as  other  sciences.  It’s 
necessarily  a  handmaiden,  and  other 
scientists  see  it  as  such.  But  Nicholas 
Negroponte  [co-founder  of  the  MIT 
Media  Lab]  is  almost  surely  as  charis¬ 
matic  and  media-savvy  as  anyone  in 
physics. 

Dally:  I  would  say  that  CS  needs  a 
serious  public  relations  effort.  A  prime¬ 
time  TV  show,  Silicon  Valley  Software, 
could  also  do  a  lot  of  good,  if  done 
right,  to  show  people  what  computing 
careers  are  really  about  and  to  clear  up 
many  misconceptions  about  the  field. 

Carbonell:  CS  needs  a  great  com¬ 
municator  who  lives  the  excitement,  is 
deeply  respected  by  his  or  her  peers, 
and  can  reach  out  and  communicate 
clearly  with  any  educated  person  via 
his  books.  We  have  no  such  person  in 
CS.  Perhaps  Raj  Reddy  [a  Carnegie 
Mellon  computer  science  professor] 
has  the  right  kind  of  talents. 

Bryant:  For  years,  we  didn’t  have  to 
worry  about  our  public  image.  Students 
clamored  to  get  involved  with  comput¬ 
ers,  and  government  agencies  were 
generous  with  their  funding.  We  need 
a  Stephen  Hawking,  a  Carl  Sagan  or  a 
Richard  Feynmann,  but  I  have  no  idea 
who  that  would  be. » 
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A  STROLL  THROUGH  THE  TECHNOLOGY  LANDSCAPE 


Supercomputer  SUGQGStS  The  reSLJhs  show  that  advance  preparation  of  a 

*'  '  modestly  effective  vaccine  in  large  quantities  ap- 


Avian  Flu  Strategy 


Simulation  of 
Day  90  of  an  avian  flu 
pandemic,  with  blue  indicating  one  person 
or  fewer  infected  per  1,000  persons,  green 
indicating  50  infected  per  1,000  and  red  indi¬ 
cating  100  or  more  cases  per  1,000  persons. 


pears  to  be  preferable  to  waiting  for  the  develop¬ 
ment  of  a  well-matched  vaccine. 

The  computer  simulation  models  a 
synthetic  population  that  matches  U.S. 
census  demographics  and  worker- 
mobility  data.  It  uses  U.S.  Department 
of  Transportation  travel  data  to  model  long¬ 
distance  trips  in  an  attempt  to  realistically  capture 
the  spread  of  the  pandemic  virus  by  airplane  and 
other  modes  of  cross-country  travel. 

The  model  of  disease  transmission  involves  prob¬ 
abilities  that  any  two  people  in  a  community  will  meet 
on  any  given  day  in  any  one  of  a  number  of  settings, 
such  as  a  home  or  workplace.  Thus,  simulated  dis- 
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Single- 


(-Molecule 
Diodes  Could  Extend 
Moore’s  Law 


USING  THE  POWER  of  modem  computing 
combined  with  innovative  theoretical  tools,  an 
international  team  of  researchers  has  deter¬ 
mined1  how  a  one-way  electrical  valve,  or  diode 
made  of  only  a  single  molecule  does  its  job. 

Diodes  are  critical  components  within  com¬ 
puters.  audio  equipment  and  countless  other 
electronic  devices.  If  designers 
can  swap  existing  diodes  with 
the  single-molecule  variety,  the 
products  could  be  shrunk  to 
incredibly  small  sizes. 

The  technology  may  allow  computer  de¬ 
signers  to  sustain  Moore's  Law  -  Intel  Cep. 
co-founder  Gordon  Moore’s  prediction  that 
computing  advances  will  aliow:  a  doubling  ev¬ 
ery  18  months  in  the  number  of  transistors  that 
can  fit  on  a  silicon  chip.  First  put  forward  by 
Moore  in  1965,  the  law'”  has  -been  nearing  the 
end  of  its  useful  life  as  ever-shrinking  chips 
approach  their  physical  limits. 


GROVES  OF 
ACADEME 


Created  by  a  research  team  at  the  Univer¬ 
sity  of  Chicago,  the  single-molecule  diode  is 
merely  a  few  tens  of  atoms  in  size  and  1.000 
times  smaller  than  its  conventional  counter¬ 
parts,.  Recently,  theorists  from  the  Un  i  versity 
of  South  Florida  and  the  Russian  Academy  of 
Sciences  have  explained  the  principles  that 
make  the  device  work. 

The  researchers  showed  that:  electron  en¬ 
ergy  levels  in  a  molecule  are  efficient  channels 
for  transferring  electrons  from  one  electrode 
to  another...  Because  the  molecule  in  the  diode 
is  asymmetrical,  the  electronic 
response  is  also  asymmetrical 
when  voltage  Is  applied.  The 
asymmetry  contributes  to  a 
phenomenon  called  molecular 
rectification:  The  channels  conduct  electrons 
in  one  direction  but  limit  flow  in  the  opposite 
direction  when  the  voltage  polarity  icverses. 
That  property  makes  the  molecular  diode  a  po¬ 
tential  gatekeeper  for  circuits  and  a  candidate 
to  one  day  replace  silicon  in  computer  chips. 

Researchers  from  all  three  institutions 
reported  their  findings  in  the  March  10  issue 
of  Physical  Review  Letters, 


ease  transmission  is  more  likely  for  two  people  in  the 


same  household  and  less  likely  for  two  people  who 
have  less  in  common.  Other  elements  of  random¬ 
ness  modify  the  simulated  disease  course.  A  signifi¬ 
cant  fraction  of  infected  people  (33%  in  the  present 
model)  never  develop  clinical  symptoms,  although 
they  are  themselves  infectious.  In  addition,  the  dura¬ 
tions  of  the  incubation  and  infectious  periods  can 


mented  in  Los  Alamos’  celebrated  Scalable  Parallel 


for  the  nuclear  weapons  program.  It  runs  on  the 
supercomputer  known  as  Pink,  a  1,024-node  (2,048- 


running  Ciustermatic  3,  the  largest  single-system 
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USING  SUPERCOMPUTERS  to  respond  to  a  po 
tential  national  health  emergency,  scientists  have  de¬ 
veloped  a  model  that  makes  stark  predictions  about 
the  possible  course  of  an  avian  influenza  pandemic. 

The  large-scale,  stochastic  simulation  model  exam¬ 
ines  the  nationwide  spread  of  a  vims  strain,  such  as 
an  evolved  avian  H5N1  virus,  should  it  become  trans¬ 
missible  human-to-human.  The  simulation  rolls  out  a 
city-  and  census-tract-level  picture  of  the  spread  of 
infection  through  a  synthetic  population  of  281  million 
people  over  the  course  of  180  days,  and  it  examines 
the  effects  of  interventions  such  as  antiviral  therapy, 
school  closures  and  travel  restrictions  as  vaccine  de¬ 
velopers  struggle  to  catch  up  with  the  evolving  virus. 

The  model  indicates  that  the  best  strategy  for  miti¬ 
gating  a  pandemic  would  involve  stockpiling  a  large 
supply  of  vaccine  containing  potential  bird-flu  anti¬ 
gens  and  developing  the  capacity  to  rapidly  make  a 
better-matched  vaccine  based  on  human  strains,  say 
scientists  Timothy  Germann,  Kai  Kadau  and  Catherine 
Macken  of  Los  Alamos  National  Laboratory  and  Ira 
Longini  of  the  University  of  Washington  and  the  Fred 
Hutchinson  Cancer  Research  Center  in  Seattle.  Their 
research  is  presented  in  the  April  11  issue  of  Proceed¬ 
ings  of  the  National  Academy  of  Sciences. 


DIFFERENCE  ENGINES 


Bridging  the 
Language  Gap 

EARLY  COMPUTERS  did  not  use  compil¬ 
ers,  which  are  programs  that  translate  text 
written  in  one  computer  language  (the  source 
language)  into  another  computer  language 
(the  target  language).  Those  relatively  primi¬ 
tive  early  machines  had  just  a  few  operations 
codes  and  little  memory,  and  users 
entered  binary  machine  code  di-  * 
rectly  by  toggling  switches  on  the  •  $£ 
computer  console/front  panel. 

In  the  late  1940s,  programmers 
found  that  machine  code  could 
be  denoted  using  some  mnemon¬ 
ics  (assembly  language)  and 
computers  could  translate  those 
mnemonics  into  machine  code. 

The  primitive  compiler  known  as 
assembler  emerged. 


U.S.  Navy  officer  Grace  Hopper  is  cred¬ 
ited  with  doing  much  of  the  seminal  work 
in  the  development  of  compilers  when  she 
worked  on  the  Univac  computer  for  Rem¬ 
ington  Rand  Corp.  in  the  early  1950s.  She 
did  this,  she  said,  because  she  was  lazy  and 
hoped  that  “the  programmer  may  return  to 
being  a  mathematician.”  Her  work  embodied  or 
foreshadowed  enormous  numbers  of  develop¬ 
ments  that  are  now  the  bones  of  digital  comput¬ 
ing:  subroutines,  formula  translation, 
relative  addressing,  the  linking  loader, 
code  optimization  and  even  symbolic 
manipulation  of  the  kind  embodied 
in  the  Mathematica  and  Maple  pro¬ 
gramming  languages. 

The  Fortran  team  at  IBM,  ied  by 
the  programming  language’s  inventor, 
John  Backus,  is  generally  credited  as 
having  introduced  the  first  complete 
compiler,  in  1957.  Cobol  was  an  early 
language  to  be  compiled  on  multiple 


architectures,  starting  in  1960.  Most  of 
the  principles  of  compiler  design  were 
developed  during  the  1960s. 

With  the  evolution  of  programming 
languages  and  the  increasing  power 
of  computers,  compilers  are  becoming 
increasingly  complex  in  order  to  bridge 
the  gap  between  problem-soiving  modern 
programming  languages  and  the  various  com¬ 
puter  systems,  aiming  at  getting  the  highest 
performance  out  of  the  target  machines. 

Because  compilers  translate  source  code 
into  object  code,  which  is  unique  for  each 
type  of  computer,  many  compilers  are  avail¬ 
able  tor  the  same  language.  For  example, 
there  is  a  Fortran  compiler  for  PCs  and 
another  for  Apple  Computer  Inc.'s  Macintosh 
computers.  In  addition,  the  compiler  industry 
is  quite  competitive,  so  there  are  actually 
many  compilers  for  each  language  on  each 
type  of  computer.  More  than  a  dozen  com¬ 
panies  develop  and  sell  C  compilers  for  PCs. 
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Leaders  Wanted/CIO  Challenge  Series 


Challenge  #1: 

Teach  everyone  howto  innovate  with  IT. 


Solution: 

Hyperion — your  management  system  for  the  global  enterprise. 

Technology  drives  innovation.  That  makes  you  Chief  Innovation  Officer.  So,  how  do  you 
transform  innovation  from  a  buzzword  into  a  sustainable  part  of  your  business?  Visionary 
CIOs  are  leading  the  way  with  Hyperion  performance  management  solutions.  With 
Hyperion,  you  break  down  the  barriers  between  finance,  operations  and  planning  and  align 
them  around  a  master  data  set.  You  give  everyone  the  tools  they  need  to  continuously 
analyze  and  manage  business  performance — and  invent  new  ways  to  improve  it.  Isn’t  that 
what  real  innovation  is  all  about? 


FREE  ARTICLE  FROM  HARVARD  BUSINESS  REVIEW 

How  do  other  IT  leaders  drive  innovation? 

Discover  new  insights  and  best  practices  from  the  Harvard  Business 
Review  and  Hyperion.  Co  to  www.hyperion.com/go/leaders 

#  Hyperion" 

The  future  in  sight 


©2006  Hyperion  Solutions  Corporation.  All  rights  reserved.  "Hyperion.'*  the  Hyperion  logo  and  Hyperion's  product  names  are  trademarks  of  Hyperion.  References  to  other  companies  and  their  products  use  trademarks  owned  by  the  respective  companies  and  are  for  reference  purpose  only. 
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t  Laptops,  Caffeine, 
Nicotine  and  Chocolate 


Laptop  security  concerns  give  our  manager 
a  headache  she  can’t  shake  by  any  number 
of  unhealthy  means.  By  C.J.  Kelly 


I  SAT  AT  my  desk,  staring 
at  the  whiteboard  on  the 
wall.  I  was  plagued  with 
security  insecurities  and 
a  massive  headache.  My  aller¬ 
gies  were  feeding  the  head¬ 
ache,  but  at  the  root  was  stress. 
I  had  a  lot  on  my  mind,  includ¬ 
ing  what  to  do  about  laptops. 

When  I’d  woken  up  in  the 
morning  with  the  headache 
and  all  the  signs  of  a  major  al¬ 
lergy  attack,  I’d  first  popped 
an  allergy  pill.  Then  I  gulped 
down  a  huge  mug  of  coffee  as 
I  started  the  drive  to  work.  I 
still  had  the  head¬ 
ache  an  hour  later 
when  I  arrived.  I 
next  went  for  the 
headache  pills  and 
a  huge  latte.  I  added 
a  healthy  dose  of 
nicotine  into  the  mix 
just  for  good  measure.  Noth¬ 
ing  seemed  to  be  working,  and 
now  I  was  throwing  handful 
after  handful  of  M&Ms  into 
my  mouth. 

I  knew  that  trying  to  drown 
the  headache  in  caffeine, 
nicotine  and  chocolate  was 
probably  the  worst  treatment 
method,  but  we  don’t  always 
act  rationally.  I  had  a  problem, 
no  solution  was  coming  to  me, 
and  I  was  feeling  frustrated. 

Laptops  present  a  security 
dilemma.  They  are  among 
the  best  productivity  devices 
ever  created,  but  they  may 
also  be  the  single  largest  se¬ 
curity  threat  to  corporate  and 
government  networks.  Their 
utility  means  they  aren’t  going 
away  anytime  soon,  but  their 
vulnerability  means  things 
can’t  continue  as  they  are. 

Like  security  managers 
everywhere,  I  read  about  in¬ 
cidents  such  as  laptops  that 
contain  vital  and  sensitive 


information  being  stolen,  and 
I  shudder. 

But  I  certainly  appreciate 
the  value  of  a  laptop.  Mine 
goes  everywhere  I  go,  and  I 
connect  it  to  a  variety  of  net¬ 
works  wherever  I  am. 

Security  Willies 

Lately,  employees  of  the  state 
agency  I  work  for  have  been 
starting  to  tune  in  to  how  nice 
a  laptop  can  be  for  getting 
work  done  while  on  the  road. 

But  I  have  enough  experi¬ 
ence  that  this  productiv¬ 
ity  enhancement 
gives  me  the  secu¬ 
rity  manager  willies. 
When  I  worked  in 
the  private  sec¬ 
tor,  we  had  a  major 
security  breach 
involving  a  remote 
laptop  connected  via  a  home 
DSL  connection.  A  hacker  had 
compromised  the  home  net¬ 
work,  gained  administrative 
privileges  and  changed  the 
password.  He  then  achieved 
remote  access  through  the 
VPN  and  tried  to  hack  into 
a  corporate  database.  It  was 
then  that  we  noticed  we  had 
an  intruder. 

The  laptop  had  been  com¬ 
promised  through  a  known 
vulnerability.  The  machine 
had  been  in  the  field  for  a 
year  without  being  properly 
patched  and  updated.  Even 


I  know  of 
only  one 
company  that 
manages  wireless 
laptops  in  a  truly 
secure  fashion. 


though  this  happened  years 
before  such  incidents  had  to  be 
disclosed  to  consumers,  it  got 
upper  management’s  attention. 

After  long  ignoring  the 
screams  and  pleas  of  the  se¬ 
curity  and  IT  teams  for  a  way 
to  secure  and  manage  remote 
laptops,  the  company  suddenly 
coughed  up  the  funds  to  buy 
remote  management  software. 

That  was  a  step  in  the  right 
direction,  but  the  laptops  that 
we  allow  staffers  to  check  out 
when  they  travel  can  be  used 
wirelessly  through  a  broad¬ 
band  provider. 

I  know  of  only  one  company 
that  manages  wireless  laptops 
in  a  truly  secure  fashion,  and 
even  it  faltered  at  first. 

A  friend  of  mine  works  at 
a  large  telecommunications 
company.  When  it  first  en¬ 
abled  wireless  connectivity 
on  the  sales  force’s  computers, 
the  salespeople  couldn’t  use  it 
to  log  into  the  corporate  net¬ 
work.  To  do  that,  they  had  to 
revert  to  the  old  dial-up  con¬ 
nection  to  a  VPN. 

For  the  security  team,  this 
was  preferable  because  it  was 
highly  secure,  using  RSA  Se¬ 
curity  Inc.’s  SecurlD  technol¬ 
ogy.  But  for  the  sales  force,  the 
painfully  slow  dial-up  connec¬ 
tion  discouraged  any  laptop 
use  on  the  road. 

Instead,  they  tended  to  work 
out  of  the  local  sales  offices, 
where  they  could  authenti¬ 
cate  to  the  local  network.  The 
whole  purpose  of  giving  them 
laptops  was  lost.  Eventually, 
the  company  started  to  provide 
secure  broadband  wireless 
connections  for  the  sales  force. 

The  cost,  of  course,  is  be¬ 
yond  what  we  can  afford  at 
this  small  state  agency.  As 
always,  we  have  to  figure  out 
how  to  enable  our  workforce 
on  a  shoestring  budget. 

We  have  a  technologically 
unsophisticated  workforce  to 
boot,  so  however  we  do  this,  it 
has  to  be  simple.  Our  employ¬ 
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ees  don’t  know  the  difference 
between  one  network  and  an¬ 
other.  All  they  know  is  how  to 
turn  the  laptop  on,  make  sure 
the  network  cable  or  card  is 
plugged  in  and  log  in. 

The  Dilemma 

So,  here  I  sit,  pondering  the 
dilemma.  Between  sips  of  latte 
and  handfuls  of  M&Ms,  I  start 
to  think  out  loud.  We  can  start 
by  building  a  secure  laptop 
image  that  has  all  unnecessary 
services  turned  off.  The  image 
should  include  these  features: 
a  personal  firewall  that  is  set 
to  automatically  update  over 
the  Internet;  antivirus  soft¬ 
ware  (that  prohibits  spyware, 
preferably)  that’s  also  set  to 
automatically  update;  an  up-to- 
date  operating  system  and  ap¬ 
plications,  set  to  automatically 
update;  an  alternative  browser, 
such  as  Mozilla’s  Firefox;  a 
disabled  guest  account;  and  a 
user  account  that  has  restrict¬ 
ed  permissions  so  that  the  user 
can’t  save  anything  to  the  hard 
drive  or  install  any  programs. 

We  could  also  supply  a  USB 
flash  memory  device  for  hold¬ 
ing  confidential  data,  which 
would  have  to  be  password- 
protected  and  encrypted,  and 
a  connection  to  the  state  net¬ 
work  via  a  Cisco  VPN  client, 
with  IPsec  encryption. 

We  might  want  to  allow  all 
other  network  connections,  in¬ 
cluding  wireless,  but  I’ll  have 
to  think  about  that  one. 

The  only  other  thing  I  can 
think  of  to  do  is  to  train  us¬ 
ers  in  the  secure  methods  of 
logging  in  remotely  and  safe¬ 
guarding  data  and  the  equip¬ 
ment  that  holds  data. 

Even  if  we  could  make  the 
laptops  as  secure  as  possible, 
we  would  still  have  to  rely  on 
the  people  who  use  them  to 
safeguard  them.  I  don’t  like 
that  answer,  but  I’m  afraid  it’s 
all  we’ve  got. » 


WHAT  DO  YOU  THINK? 

This  week’s  journal  is  written  by  a  real 
security  manager,  “C.J.  Kelly,"  whose  name 
and  employer  have  been  disguised  for 
obvious  reasons.  Contact  her  at  mscjkeliy® 
yahoo.com,  or  join  the  discussions  in  our 
security  blogs:  computerworld.com/ 
blogs/security 

To  find  a  complete  archive  of  our  Security 
Manager's  Journals,  go  online  to 

computerworld.com/secjournal 


HIPAA  Security 
Compliance  Up 

According  to  a  survey 
conducted  by  the  Ameri¬ 
can  Health  Information 
Management  Association, 
compliance  with  the  se¬ 
curity  rules  of  the  Health 
Insurance  Portability  and 
Accountability  Act  is  on  the 
rise.  Of  1,117  hospitals  and 
health  systems  responding 
to  this  year’s  survey,  75% 
said  they  were  at  least  85% 
compliant  with  HIPAA’s 
information  security  rules, 
up  from  60%  last  year.  But 
compliance  with  HIPAA's 
privacy  rules  declined. 


Man  Charged  With 
Hacking  Database 

A  25-year-old  network  ad¬ 
ministrator  in  San  Diego  has 
been  charged  with  hacking 
into  a  computer  system  at  the 
University  of  Southern  Cali¬ 
fornia  and  accessing  confi¬ 
dential  information  submitted 


by  more  than  275,000  stu¬ 
dents  applying  to  the  school. 
Eric  McCarty  was  named 
in  a  criminal  complaint  that 
charged  him  with  knowingly 
transmitting  a  code  or  com¬ 
mand  to  intentionally  cause 
damage  to  USC’s  online  ap¬ 
plication  system. 

bbrbb&b 

Spam  Case  Settled 


The  Federal  Trade  Commis¬ 
sion  has  settled  with  two 
Washington  state  residents 
who  sent  millions  of  unso¬ 
licited  commercial  e-mail 
messages  in  violation  of  the 
CAN-SPAM  Act.  Matthew 


Olson  and  Jennifer  LeRoy 
sent  spam  with  false  “From” 
data  and  misleading  subject 
lines;  they  also  failed  to  pro¬ 
vide  a  way  for  recipients  to 
opt  out  of  receiving  future 
e-mails.  Olson  and  LeRoy 
have  agreed  not  to  violate 
the  law  again.  A  suspended 
$45,000  judgment  will 
be  reinstated  if  evidence 
emerges  indicating  that  they 
have  misrepresented  their 
financial  condition. 
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»  Are  your  remote  and  branch  office  users  fightin’  mad  about  poor  application 
performance?  Don’t  get  frustrated,  get  Juniper  Networks’  award-winning  application 
acceleration  solutions  -  and  dramatically  improve  the  performance  of  your  web  site 
and  networked  apps.  Then  everyone  will  enjoy  a  dramatically  better  network  experience, 
while  you  improve  productivity  and  reduce  network  and  infrastructure  costs.  Visit 
www.juniper.net/freetrial  for  your  free  trial  and  customized  Network  Health  Report. 
Quick,  Juniper  your  net. 
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LogMeln  Offers  PC 
Backup  Service 

a  LogMeln  Inc.,  a  vendor  of 
remote  access  products  and 
services,  has  announced  a  new 
backup  service  that’s  designed 
to  allow  computer  users  to 
automatically  back  up  files  over 
a  secure  connection  between 
any  number  of  remote  or  local 
computers.  The  basic  LogMeln 
Backup  network,  which  is 
available  now,  costs  $6.95  per 
month  and  includes  the  software 
for  two  PCs,  according  to  the 
Woburn,  Mass.-based  company. 


Accsense  Launches 
Sensor  Pod  Line 

■  Accsense  Inc.  in  Santa  Bar¬ 
bara,  Calif.,  has  introduced  a 
turnkey  wireless  sensor  product. 
It’s  designed  to  measure  a  wide 
range  of  physical  properties  and 
makes  real-time  measurements 
available  online  for  any  computer 
or  Web-enabled  device,  says  the 
company.  The  Accsense  product 
line  includes  wireless  sensor 
pods  that  measure  ambient  tem¬ 
perature,  humidity,  light,  noise 
and  vibration.  The  pods,  which 
are  compatible  with  a  range  of 
standard  external  plug-in  sen¬ 
sors  and  probes,  range  in  price 
from  $295  to  $635,  depending 
on  the  combination  of  measure¬ 
ments  and  inputs.  The  Accsense 
hosted  online  service  is  available 
on  a  monthly  subscription  basis. 


Zmanda  Rolls  Out 
Open-source  App 

■  Zmanda  Inc.  has  unveiled  its 
first  enterprise-class  corpo¬ 
rate  data  protection  software. 
Amanda  Enterprise  Edition  is 
a  commercial-grade  version  of 
the  widely  used  Amanda  open- 
source  backup  and  recovery  soft¬ 
ware;  it  was  built  to  address  the 
requirements  of  corporate  com¬ 
puting,  with  a  focus  on  security 
and  usability,  according  to  the 
Sunnyvale,  Calif.-based  vendor. 
Available  as  part  of  a  subscrip¬ 
tion  to  Zmanda  Network  -  a  suite 
of  enterprise-ready  software  and 
services  -  Amanda  Enterprise 
Edition  ranges  in  price  from  $50 
to  $250  per  protected  system. 
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RFID  Security  Worries 
Need  a  Reality  Check 


SOMETIMES  our  anxieties  about  security 

make  us  lose  sight  of  how  a  technology  is  used. 
Such  is  the  case  with  radio  frequency  identifi¬ 
cation,  a  proven  technology  that  delivers  big 
efficiencies  and  has  yet  to  experience  a  con¬ 
firmed  hacker  attack  in  the  wild. 


But  RFID  has  seen  many 
tightly  controlled  “proof-of- 
concept”  exploits,  widely 
publicized  by  academic 
researchers  to  showcase 
RFID  vulnerabilities  that  in 
reality  pose  less  risk  than  an 
old  flu  virus.  Don’t  look  for 
criminals  to  unleash  these 
exploits  anytime  soon.  They 
understand  that  what  little 
they  could  gain  is  simply  is 
not  worth  the  effort. 

In  April,  academics  at 
Edith  Cowan  University  in 
Australia  created  an  RFID 
denial-of-service  exploit, 
and  researchers  at  Vrije  Universiteit 
Amsterdam  publicized  an  RFID  virus. 
Those  two  hacks  question  the  integrity 
and  availability  of  the  first  generation 
of  Electronic  Product  Code  RFID  chips 
from  EPC  Global  ( www.epcglobalinc.org ), 
an  industry  standards  body  working  to 
streamline  and  secure  supply  chains. 

These  proof-of-concept  EPC  RFID 
attacks  could  make  the  drying  time  of 
paint  seem  quick.  Information  criminals 
operating  behind  the  virtual  anonymity 
of  the  Internet  have  shown  scant  interest 
in  supply  chain  applications.  There  are 
no  bragging  rights  on  hacker  Web  sites 
for  exploits  launched  against  physical 
goods.  Confusing  handlers  of  pallets 
loaded  with  dog  food  or  diapers,  or  even 
diverting  containers  filled  with  toys  or 
consumer  electronics,  gets  you  flamed 
as  a  bottom  feeder  in  the  information 
underworld. 

Trafficking  in  hard  goods  tradition¬ 
ally  has  been  blue-collar  street  crime, 
the  stuff  of  film  noir  gangsters,  crooked 
dockworkers  and  teamsters  with  ready 
distribution  channels  for  stolen  goods. 
The  Internet’s  promise  of  disinterme¬ 


diation  ( http://en.wikipedia . 
org/wiki/Disintermediation) 
is  simply  not  as  appealing 
to  the  stolen-goods  under¬ 
world  as  it  is  to  legitimate 
distributors. 

Stolen  goods  are  not  eas¬ 
ily  converted  to  cash  on  the 
Internet.  Information  crimi¬ 
nals  constantly  try  to  sell 
stolen  goods  via  hijacked  or 
bogus  eBay  accounts,  other 
online  sales  channels,  or 
through  networks  of  unsus¬ 
pecting  surfers  conned  by 
offers  too  good  to  be  true. 
The  distribution  of  stolen 
physical  goods  on  the  Internet  is  risky 
and  costly  because  lots  must  be  broken 
into  small  pieces  to  escape  notice  and 
there  is  an  audit  trail  to  threaten  prized 
anonymity. 

Information  criminals  steal  informa¬ 
tion  that’s  readily  convertible  to  cash, 
not  meaningless  EPC  RFID  inventory 
data.  The  people  who  design  EPC  stan¬ 
dards  know  far  more  about  the  risk  to 
supply  chains  than  cloistered  academics 
engineering  these  meaningless  proof-of- 
concept  exploits. 

The  EPC  initiative  is  backed  by  com¬ 
panies  that  suffer  billions  of  dollars  in 
global  supply  chain  losses  every  year. 
They  have  performed  a  rigorous  risk 
analysis  and  concluded  that  the  effect 
of  a  supply  chain  exploit  targeting 
EPC  chips  is  relatively  low.  They  also 
have  determined  that  the  probability 
of  seeing  a  wave  of  hacks  on  EPC  chips 
is  similarly  low. 

The  probability  is  even  less  with  the 
second  generation  of  EPC  chips  that  is 
replacing  the  generation  currently  in 
mainstream  usage.  Second-generation 
EPC  chips  have  stronger  authentication, 
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encryption  and  traceability,  giving  au¬ 
thorities  a  multitude  of  tools  to  correlate 
with  back-end  databases  to  thwart  sup¬ 
ply  chain  exploits. 

The  Defense  Department,  a  very  large 
EPC  user,  has  accepted  the  risk  posed  by 
RFID  to  the  armed  forces’  logistics  chain. 
The  high-impact  RFID  threat  is  terror¬ 
ists  with  weapons  of  mass  destruction 
masquerading  as  real  cargo  behind  an 
EPC  chip.  The  threat  of  terrorists  using 
counterfeit  or  stolen  RFID  chips  is  one 
element  that  contributed  to  the  beefed- 
up  authentication  and  traceability  in 
second-generation  EPC  chips. 

Information  criminals  remain  fixated 
on  the  proven  formula  of  robbing  banks, 
because  that’s  where  the  money  is.  This 
means  hackers  are  likely  to  devote  more 
effort  to  stealing  personal  and  sensitive 
information  from  RFID  chips  used  in 
banking  and  identity  applications  than 
in  supply  chain  operations.  These  RFID 
chips  span  a  much  broader  technol¬ 
ogy  spectrum,  with  multiple  industry 
standards  and  proprietary  technologies 
being  used  to  store,  transmit  and  secure 
the  information. 

The  banking  industry  eschews  the 
RFID  acronym  and  has  developed  stan¬ 
dards  for  “contact”  and  “contactless” 
cards.  The  most  common  type  of  contact 
card  is  the  ubiquitous  magnetic-stripe 
variety.  Newer  contactless  cards  are 
replacing  magnetic-stripe  cards  in  many 
applications,  and  the  standard  limits  the 
reading  distances  of  those  cards  to  10 
centimeters  —  4  inches. 

Those  cards  are  highly  configurable 
and  support  both  symmetrical  and 
asymmetrical  key  encryption  for  data 
stored  on  the  card  and  in  transit.  Despite 
some  sophisticated  and  widely  publi¬ 
cized  proof-of-concept  academic  crypt¬ 
analysis  exploits  —  which  are  very  dif¬ 
ficult  to  reproduce  in  the  wild  —  don’t  feel 
compelled  to  buy  an  RF-shielded  wallet 
to  protect  these  cards.  History  tells  us 
that  a  single  server  exploit  will  produce 
a  bigger  information  bonanza  than  the 
entire  universe  of  RFID  hacks. » 
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Squeezing  Dollars  From  Maintenance 

Savvy  IT  execs,  such  as  Anthony  Abbattista 
at  Allstate  Insurance  (right),  are  going  beyond 
rote  hardware  and  software  consolidations  to 
reduce  IT  maintenance  and  operations  costs 
and  liberate  additional  capital  for  discretion¬ 
ary  projects.  PAGE  40 


Career  Watch 

The  need  for  IT  marketing  skills 
is  on  the  rise;  the  best  high-tech 
jobs  may  not  be  in  the  locales 
with  the  most  overall  job  growth; 
and  IT  workers’  confidence 
reaches  giddy  heights.  PAGE  44 


OPINION 

How  to  Learn  with  Peers 

Paul  Glen  notices  that  IT  managers  often  miss 
opportunities  for  valuable  peer-to-peer  learn¬ 
ing.  He  suggests  ways  to  build  an  environment 
that  fosters  eureka  interactions  with  col¬ 
leagues.  PAGE  44 


SAVING 
FACE  IN 

CHINA 


Good  IT  systems  can  help 
bridge  a  critical  cultural  gap. 

BY  MARIA  TROMBLY 

SHANGHAI  —  In  the  West,  companies  want  to  put 
on  a  good  face  for  customers,  even  if  it  means  having 
to  admit  mistakes.  Righting  wrongs  is  a  big  part  of  a 
good  public  image,  and  a  good  internal  image  as  well. 

In  the  East,  particularly  at  traditional  companies, 
saving  face  is  important.  Saving  face  means  that  you 
don’t  admit  your  own  mistakes  and  you  don’t  publicly 
humiliate  co-workers  by  exposing  their  mistakes. 

This  can  create  management  challenges  for  com¬ 
panies  doing  business  in  China.  Foreign  companies 
are  particularly  vulnerable,  since  a  Chinese  employee 
who  admits  to  making  a  mistake  not  only  shames 
himself,  but  also  brings  shame  to  his  country  in  front 
of  foreign  visitors.  As  a  result,  simple  problems  left 
undiscovered  can  easily  grow  into  full-blown  crises. 

One  manager  at  an  international  company  in 
Shanghai  says  he  routinely  sends  foreign  employees 
to  give  bad  news  to  customers,  since  foreigners  don’t 
get  embarrassed  as  easily.  (Some  of  the  people  inter¬ 
viewed  for  this  story  did  not  want  their  names  used 
because  “face”  is  a  sensitive  topic.) 

TECHNOLOGY  FOR  TRANSPARENCY 

“This  is  one  of  the  critical  areas  that  we  have  to  face 
upfront,”  says  How  Newseng,  general  manager  at 
Fairchild  Semiconductor  Corp.  in  Suzhou,  located 
near  Shanghai.  The  company’s  global  headquarters 
is  in  South  Portland,  Maine. 

How  says  that  one  way  of  addressing  the  face¬ 
saving  problem  is  to  have  good  technology  in  place 
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to  automate  reporting  functions.  “We  want  to  take 
out  any  personal  involvement  in  the  system,”  he  says. 
Using  PeopleSoft  software  “allows  us  to  have  good 
detection  if  anything  goes  wrong,”  How  explains. 

But  Chinese  people  aren’t  unique  in  not  wanting 
to  pass  on  bad  news.  “Other  countries  in  Asia  find  it 
difficult,”  says  John  Oska,  regional  supply  chain  man¬ 
ager  for  the  Asia-Pacific  region  at  Sealed  Air  Packag¬ 
ing  Co.,  a  Shanghai-based  division  of  Sealed  Air  Corp. 
in  Saddle  Brook,  N.J.  The  company  currently  has  two 
small  plants  in  China  and  is  building  a  new  plant  in 
Shanghai. 

“Sales  reps  in  countries  such  as  Indonesia  are  reluc¬ 
tant  to  advise  customers  that  a  shipment  is  late  or  not 
to  spec  until  the  customer  calls  to  complain,”  Oska  says. 

One  of  the  ways  around  that  problem  is  to  give  the 
customer  direct  access  to  the  information,  he  says, 
but  many  of  his  company’s  local  suppliers  aren’t  ca¬ 
pable  of  providing  that  level  of  IT-enabled  visibility. 
Fortunately,  it’s  a  lot  easier  to  demand  visibility  inter¬ 
nally,  and  Sealed  Air  is  rolling  out  SAP  4.7  this  year  to 
do  just  that. 

Shanghai  General  Motors  Co.  is  also  implementing 
SAP  software  this  year,  and  it’s  making  a  concerted 
effort  to  improve  the  reporting  systems  of  its  suppli¬ 
ers  as  well.  The  exploding  pace  of  growth  of  China’s 
automotive  sector  makes  good  systems  a  neces¬ 
sity,  says  Chris  Gubbey,  executive  vice  president  at 
Shanghai  GM,  a  50-50  joint  venture  between  General 
Motors  Corp.  and  a  local  partner,  Shanghai  Automo¬ 
tive  Industrial  Corp. 

GM  first  came  to  China  in  1999.  By  2005,  China 
had  become  the  second-largest  market  in  the  world 
for  the  company.  “It  is  the  world’s  fastest-growing  ve¬ 
hicle  market,”  says  Gubbey,  noting  that  the  number  of 
cars  GM  has  sold  in  China  has  grown  from  30,000  in 
2000  to  an  expected  400,000  this  year.  That  pace  of 


NOT  ALL  COMMUNICATION  problems  in  China  are  cultural. 

Lenovo  Group  Ltd.,  the  computer  maker  that  recently 
acquired  IBM’s  PC  division,  had  problems  getting  sales 
reports  from  the  small  stores  that  sold  its  computers. 

It  found  that  while  midsize  distributors  were  using  a 
browser-based  system  and  larger  distributors  filed  XML 
feeds,  the  mom-and-pop  stores  weren’t  hooked  up  to  the 
Internet. 

Still,  everybody  had  a  cell  phone,  says  Wu  Ying,  execu- 
tive  director  of  business  transformation.  So  a  year  ago, 
Lenovo  put  in  place  a  cell-phone-based  sales  reporting 
system,  and  now  mom-and-pop  store  owners  send  Short 
Messaging  Service  messages  on  their  cell  phones.  “It’s 
unique,”  he  says. 

Today,  at  least  85%  to  90%  of  all  distributors  file  sales 
data,  enough  to  enable  accurate  forecasting  and  to  help 
Lenovo  know  when  to  offer  promotions.  “If  our  eyes  are 
blind,  then  we  will  lose  the  game,”  says  Wu. 

-  MARIA  TROMBLY 
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growth  puts  significant  stresses 
on  the  technology  infrastructure, 
he  says. 

“At  the  beginning,  everyone 
was  paper-driven,”  according  to 
Gubbey,  who  deals  with  276  local 
suppliers.  “But  with  the  volume 
expansion  and  the  complexity 
expansion,  they  can’t  survive 
that  without  systems  in  place  for 
managing  it.” 

As  a  result  —  and  despite  a 
vicious  price  war  and  ongoing 
cost-cutting  —  Shanghai  GM 
demands  good  management  sys¬ 
tems  from  its  suppliers. 

“You  don’t  get  to  talk  about 
price  until  you’ve  met  quality, 
service  and  technology  require¬ 
ments,”  Gubbey  says.  “When  they 
have  transparency,  they  react 
to  things  more  quickly.  If  some¬ 
thing  goes  wrong,  you  see  it  right 
away.” 

PERSUADING  SUPPLIERS 

Not  all  companies  have  that  kind  of  leverage  with 
suppliers,  though.  Wilfredo  Tan  is  the  managing  di¬ 
rector  of  the  Asian  supply  chain  at  Reston,  Va.-based 
World  Kitchen  Inc.  He  works  with  hundreds  of  fac¬ 
tories  in  China  as  he  looks  for  companies  to  produce 
ceramics,  cookware  and  kitchenware  —  goods  that 
are  then  sold  through  leading  retailers  and  the  com¬ 
pany’s  own  stores. 

World  Kitchen  uses  SAP  internally,  but  it  can  be 
difficult  to  convince  a  supplier  that  an  ERP  system 
is  worth  it.  “Technology  is  the  largest  chunk  of  the 
challenge,”  he  says.  “Not  many  companies  are  start¬ 
ing  to  invest  in  technology,  though  they  are  upgrad¬ 
ing  their  manufacturing  equipment.” 

When  a  supplier  does  have  an  ERP  system  in¬ 
stalled,  it  makes  a  big  difference,  Tan  says.  “Without 
ERP,  we  have  to  have  on-site  people  at  that  factory. 
We  monitor  everything,”  he  says. 

To  encourage  IT  investments,  World  Kitchen’s 
technical  experts  work  with  its  suppliers.  “Our  IT  peo¬ 
ple  come  out  and  do  their  own  evaluation,”  Tan  says. 
“We  walk  them  through  what  we  want  them  to  have.” 

Having  an  ERP  system  in  place  helps  alleviate 
some  of  the  cultural  barriers  to  communication  be¬ 
tween  Chinese  suppliers  and  Western  companies, 

Tan  says.  “It  makes  it  more  convenient  to  communi¬ 
cate  with  each  other  and  helps  with  forecasting  and 
planning,”  he  explains. 

An  ERP  system  is  also  a  good  indicator  that  a  sup¬ 
plier  has  internal  processes  and  procedures  under 
control,  Tan  adds.  “If  they  don’t  have  ERP,  their  pro¬ 
cedures  are  a  little  unstable.” 

TAKING  CHARGE 

Some  international  companies  take  matters  into  their 
own  hands  and  build  complete  planning  systems 
for  their  suppliers.  A  director  for  one  such  company, 
who  did  not  want  his  name  used,  says  that  getting  a 
straight  answer  can  be  very  difficult,  and  people  in 
China  are  sometimes  reluctant  to  take  responsibility. 
“We’ve  been  burned  way  too  often,”  he  says. 


Good  technology  can  be  very  helpful,  he  says,  but 
an  ERP  system  doesn’t  solve  cultural  problems  all  by 
itself.  “There  are  plenty  of  people  with  ERP  systems 
having  a  tough  time,”  he  says.  “If  you  put  in  a  system, 
how  do  you  know  the  data  is  correct?  People  are  very 
good  at  pretending  to  do  what  they’re  told.” 

Process  is  even  more  critical  than  technology,  ac¬ 
cording  to  the  director.  “The  system  is  secondary. 

We  spend  90%  of  our  time  on  processes  rather  than 
systems  installation,”  he  says.  “We  spent  two  and  a 
half  years  on  change  management  before  we  spent 
one  cent  on  putting  in  a  planning  system.” 

Since  his  suppliers  had  no  IT  systems  at  all,  his 
company  was  able  to  write  a  system  for  the  suppli¬ 
ers  and  host  it  for  them.  “It’s  something  we  can  do 
cheaply  here,”  he  says. 

Chinese  companies  are  increasingly  using  ERP 
systems  as  a  way  to  demonstrate  reliability  to  foreign 
customers,  says  Scot  McLeod,  marketing  vice  presi¬ 
dent  at  Ross  Systems  Inc.,  an  Atlanta-based  ERP  ven¬ 
dor.  “Especially  if  they’re  producing  goods  for  export, 
there’s  hefty  demand  to  provide  assurance  to  their 
customers  that  it  is  a  quality  product  and  that  they 
will  be  able  to  deliver  it  in  a  timely  fashion,”  he  says. 
Ross,  which  has  about  150  customers  in  China,  was 
acquired  by  Hong  Kong’s  CDC  Corp.  in  2003. 

But  in  China,  all  ERP  systems  are  not  created  equal. 
They  must  be  equipped  to  handle  double-byte  char¬ 
acters,  since  written  Chinese  is  not  alphabet-based. 
Most  of  McLeod’s  customers  are  multinational  com¬ 
panies  based  in  North  America,  Europe  or  Japan. 

“The  companies  that  come  from  overseas  have  a 
strong  need  to  have  systems  that  give  them  strong 
control  and  visibility,”  he  says.  “Especially  if  they’re 
setting  up  operations  for  the  first  time,  they’re  taking 
a  risk.  The  quality  of  the  labor  is  a  risk;  the  quality  of 
the  local  management  is  a  risk.  They’re  looking  for 
ways  to  reduce  the  risks  that  they  are  taking.  By  put¬ 
ting  a  system  in  place,  it  gives  them  the  control  they 
need  to  do  that.” » 


Trombly  is  a  freelance  writer  in  Shanghai.  Contact  her 
at  maria.trombly@gmail.com. 
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implementations,  including  how  these  projects  are 
financed,  managed  and  delivered.  All  case  studies  are 
presented  by  Premier  1 00  honorees. 

To  apply  for  complimentary  registration: 

•  Visit  www.premier100.com/regional 

•  Or  call  Jean  Lee  at  1-888-299-0155 


8:45am  -  9:30am 


Opening  Featured  Speaker 

Farzad  Golshani,  Vice  President  - 
IT  Infrastructure,  Transamerica 


9:30am  -  1 0:00am 


1 0:00am  -  1 0:30am 


IT  End  User  Case  Study: 

Chicago  Mercantile  Exchange,  Inc. 

Jim  Krause,  Managing  Director  and  Chief 
Information  Officer,  Chicago  Mercantile 
Exchange,  Inc. 

IT  End  User  Case  Study: 

Lafayette  Consolidated  Government 

Keith  Thibodeaux,  Chief  Information  Officer, 
Lafayette  Consolidated  Government 


1 0:30am  -  1 1 :00am  Refreshment  and  Networking  Break 


1 1 :00am  -  1 1 :30am 


IT  End  User  Case  Study:  Integra  Ltd. 

Fred  Danback,  Head  of  Global  Technology 
Services,  Integra  Ltd. 


1 1 :30am  -  1 2:00pm  IT  End  User  Case  Study 

1 2:00pm  -  1 2:45pm  Panel  Discussion:  IT  Infrastructure 

Moderator:  Julia  King,  National  Correspondent  and 
Executive  Editor,  Events,  Computerworld 
Panelists:  Jim  Krause,  Managing  Director  and  CIO, 
Chicago  Mercantile  Exchange,  Inc.;  Keith  Thibodeaux, 
Chief  Information  Officer,  Lafayette  Consolidated 
Government;  Fred  Danback,  VP  Global  Technology, 
XL  Global  Services 


1 2:45pm  -  2:00pm 


Networking  Lunch 


'Complimentary  registration  is  limited  to  qualified 
IT  end  user  professionals. 
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ANTHONY  ABBATTISTA, 

vice  president  of  enterprise 
technology  strategy  and 
planning,  Allstate  Insurance  Corp 
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Creativity  and  discipline  can  liberate  capital  for 
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discretionary  projects.  By  Thomas  Hojfn 


man 


vm 


IT’S  A  conundrum  many  IT 
executives  face:  how  to  drive 
down  spending  on  IT  main¬ 
tenance  and  operations  to 
free  up  capital  for  discretion¬ 
ary  IT-business  projects. 

The  problem  requires  cre¬ 
ative  thinking  on  the  part  of 
CIOs  who  have  already  taken  pains  to 
reduce  IT  costs  in  response  to  finan¬ 
cial  pressures  from  CEOs  and  chief 
financial  officers.  Many  IT  chiefs  have 
plucked  the  so-called  low-hanging  fruit 
such  as  hardware  consolidation  and 
standardization  and  have  renegotiated 
software  licensing  agreements,  making 
it  increasingly  difficult  to  find  new 
avenues  for  operational  savings.  But 
senior  business  leaders  continue  to 
yell  “Cut!” 

“I  look  at  maintenance  as  a  bucket 
that’s  swashing  around  with  lots  of 
holes  in  it,”  says  Anthony  Abbattista, 
vice  president  of  enterprise  technol¬ 
ogy  strategy  and  planning  at  Allstate 
Insurance  Co.  in  Northbrook,  Ill.  The 
idea,  says  Abbattista,  is  to  determine 
how  much  money  is  leaking  through 
those  holes  and  figure  out  a  way  to  plug 
them  up. 

One  technique  that  world-class  IT 
shops  have  been  using  to  control  IT 
operational  costs  is  to  set  up  centers 
of  excellence  where  IT  workers  are 
grouped  by  areas  of  expertise  such  as 
data  center  management,  Java  or  .Net 
development,  says  Anton  Kritzinger,  a 
consultant  at  Compass  North  America 
in  Toronto.  “Rather  than  having  a 
number  of  groups  that  are  good  at  what 
they  do,  you  end  up  with  one  that  is 
very  good  at  what  they  do,”  says  Kritz¬ 
inger.  “The  payback  is  significant.” 

Allstate  has  done  this  successfully. 
“The  first  thing  we  did  was  look  for 
duplicative  activities  where  differ¬ 
ent  organizations  were  doing  similar 
things,”  says  Abbattista.  Beginning  in 
February  2003,  the  company’s  IT  de¬ 
partment  made  structural  changes  to 
create  technology  groups  that  handled 
common  activities  across  the  organiza¬ 
tion,  he  says. 

Around  the  same  time,  Allstate  also 
began  conducting  “white-collar  time¬ 
keeping”  to  help  Abbattista  and  other 
IT  managers  track  which  projects  IT 
staffers  were  working  on  at  any  given 
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Waste  Not 


Other  avenues  for  maintenance  savings: 

■  LICENSED  SOFTWARE.  Large  corpo¬ 
rate  customers  rarely  go  back  to  review  the 
number  of  employees  who  are  actually  us¬ 
ing  a  licensed  software  system,  even  after 
staff  cutbacks. 

■  SOFTWARE  MAINTENANCE.  Instead 
of  paying  the  vendor  18%  to  22%  (on 
average)  of  annual  licensing  fees  for  main¬ 
tenance,  shop  around.  There’s  a  growing 
number  of  third-party  maintenance  vendors 
available,  and  many  offer  maintenance  at  a 
fraction  of  the  cost. 

■  LABOR  The  biggest  IT  cost  category 
is  people.  Consider  using  offshore  labor  or 


putting  some  maintenance  work  out.  for  bid. 

■  BUSINESS-BASED  SIZING.  Few  IT 
managers  have  looked  at  the  size  of  their 
companies  and  tried  to  determine  the 
number  of  servers,  mainframe  processors, 
printers  and  other  devices  they  really  need 
in  order  to  support  the  organization.  It  may 
be  smaller  than  you  think. 

■  CREATIVE  FINANCING.  Approaches 
include  establishing  lines  of  credit  with 
finance  providers  to  lease  hardware,  or 
classifying  hardware  leases  as  operating 
leases  so  the  equipment  isn’t  listed  on  the 
balance  sheet  as  debt. 

-  THOMAS  HOFFMAN 


time.  Through  these  efforts,  which  in¬ 
clude  benchmarking  its  IT  skills  costs, 
Allstate  has  shifted  the  percentage  of 
annual  IT  spending  in  operations  and 
maintenance  from  more  than  70%  in 
2003  to  between  30%  and  35%  today, 
says  Abbattista.  Each  year  since  2003, 
Allstate  has  reinvested  “a  few  hundred 
thousand  dollars”  in  savings  generated 
by  the  centers  of  excellence  toward  dis¬ 
cretionary  IT  spending,  he  adds. 

Some  of  Allstate’s  projects  that  have 
benefited  from  the  cost  savings  include 
a  “huge  investment”  to  modernize  ana¬ 
lytic  systems  throughout  the  company. 
The  project,  which  was  launched  in 
January  2003  and  will  conclude  later 
this  year,  has  yielded  “great  payback 
and  hasn’t  required  any  incremental 
funding,”  Abbattista  says. 

Banking  on  Benchmarking 

To  help  reduce  its  IT  maintenance 
costs,  Royal  Bank  of  Canada  (RBC) 
makes  extensive  use  of  benchmarking 
services  from  vendors  such  as  Com¬ 
pass  North  America  and  Gartner  Inc. 
They  help  the  bank  measure  its  IT 
operating  costs  against  those  of  other 
world-class  companies  and  identify 
processes  it  can  improve  to  run  those 
activities  more  cost-effectively. 

“My  budget  may  go  up  because  we’re 
driving  incremental  revenues  through 
the  mainframes,  so  that  may  be  a  good 
thing,”  says  Dick  Swadley,  executive 
vice  president  of  IT  infrastructure 
at  the  Toronto-based  bank.  But  “that 
may  not  tell  the  story  that  the  business 
needs  to  know”  when  it  comes  to  dem¬ 
onstrating  the  steps  his  group  is  taking 
to  hold  down  the  bank’s  IT  infrastruc¬ 
ture  costs,  he  says.  Benchmarking 
helps  Swadley  clarify  both  costs  and 
savings. 

For  instance,  RBC’s  IT  infrastruc¬ 
ture  group  has  benchmarked  the  costs 
of  buying,  operating  and  maintaining 
its  PC  LANs  three  times  in  the  past 
seven  years.  By  benchmarking  these 
and  other  IT  unit  costs,  RBC  has  been 
able  to  identify  improvements  it  could 
make  to  streamline  those  operations 
and  have  them  run  more  efficiently. 
Swadley  estimates  that  the  bank  has 
been  able  to  drive  down  its  IT  infra¬ 
structure  expenses  by  5%  to  8%  annu¬ 
ally  by  applying  these  lessons. 

Benchmarking  allows  RBC  to  docu¬ 
ment  the  areas  where  its  efficiency  and 
costs  are  improving  and  to  show  the 
effect  of  activities  that  were  started 
since  the  last  benchmark,  Swadley 
says.  Still,  he  doesn’t  recommend 
benchmarking  any  particular  area 
more  often  than  once  every  two  or 
three  years,  since  IT  departments  need 


to  allow  enough  time  for  any  opera¬ 
tional  changes  they  might  implement 
to  bear  fruit. 

Motoring  Past  Maintenance 

When  Rich  Hoffman  joined  Hyundai 
Motor  America  in  Fountain  Valley, 
Calif.,  as  CIO  in  early  2003,  about  90% 
of  the  company’s  annual  IT  spending 
was  going  to  maintenance  and  opera¬ 
tions,  and  just  10%  was  earmarked  for 
projects  that  were  deemed  important 
by  its  business  leaders. 

Hoffman  immediately  set  a  goal  of 
driving  half  of  all  IT  spending  into 
discretionary  projects. 

By  October  of  that  year,  49%  of 
Hyundai’s  IT  spending  was  being 
pumped  into  new  projects.  How  was 
Hoffman  able  to  turn  the  ship  around 
so  quickly?  Two  ways:  by  tracking  its 
internal  and  contract  labor  resources 
more  effectively,  and  by  enacting 
more  stringent  quality-control  require¬ 
ments  around  Hyundai’s  application- 
development  projects,  he  says. 

“A  horrendous  amount  of  unmoni¬ 
tored  resources  were  going  toward 
minor  break-fixes  that  were  unsched¬ 
uled,”  says  Hoffman.  When  he  first 
joined  Hyundai,  93%  of  applications 
that  were  developed  internally  required 
at  least  one  bug  fix.  Now,  he  says,  that 
figure  has  been  whittled  to  4%. 

“Most  IT  organizations  lack  the 
discipline  to  run  good  business  proc¬ 
esses,”  like  tracking  labor  resources 
against  projects,  says  Hoffman,  a  25- 
year  IT  veteran. 

In  2003,  Hyundai  didn’t  have  an 
application-development  organization 
per  se.  Each  of  the  40  or  so  people  on 
the  IT  staff  was  responsible  for  devel¬ 
oping  and  maintaining  applications 


for  the  business  units  to  which  they 
were  assigned.  But  in  March  of  2005, 
the  company’s  IT  organization  was 
restructured  as  a  stand-alone  company, 
now  known  as  Hyundai  Information 
Services  North  America  LLC,  with 
Hoffman  as  the  president  and  CEO. 

Hoffman  has  challenged  his  man¬ 
agers  to  apply  a  much  more  rigorous 
approach  to  procuring  hardware,  soft¬ 
ware  and  services,  and  this  has  helped 
the  new  IT  organization  continue  to 
lower  its  operating  costs,  he  says. 

Spend  to  Save 

Joe  Trentacosta  walked  into  a  differ¬ 
ent  situation  when  he  became  CIO  at 
Southern  Maryland  Electric  Coopera¬ 
tive  (SMECO)  in  2003.  At  the  time,  the 
Hughesville,  Md.-based  electric  utility 
“had  a  pretty  neglected”  IT  infrastruc¬ 
ture  that  hadn’t  been  upgraded  for 
about  10  years,  he  says.  As  a  result,  80% 
to  90%  of  the  company’s  IT  spending 
over  the  next  few  years  went  toward 
updating  its  antiquated  IT  infrastruc¬ 
ture,  including  the  replacement  of  all 
50  of  its  Windows  and  Unix  servers 


A  horrendous 
amount  of 
unmonitored 
resources  were 
going  toward 
minor  break-fixes 
that  were 
unscheduled. 

RICH  HOFFMAN,  PRESIDENT  AND  CEO, 
HYUNDAI  INFORMATION  SERVICES 
NORTH  AMERICA  LLC 


and  the  creation  of  a  state-of-the-art 
data  center. 

But  the  $600,000  that  SMECO 
pumped  into  its  IT  infrastructure  in¬ 
vestments  has  had  a  net  positive  effect 
on  discretionary  project  spending.  The 
newer  systems  have  helped  push  down 
maintenance  costs  and  free  up  project 
funding.  And  by  outsourcing  the  com¬ 
pany’s  help  desk  operations  last  year, 
SMECO  was  able  to  increase  end-user 
support  from  50  hours  a  week  to  168 
while  lowering  its  help  desk  costs  by 
10%  annually,  says  Trentacosta. 

Now,  SMECO  is  allocating  about 
32%  of  its  annual  IT  spend  to  discre¬ 
tionary  projects,  he  says,  “and  we’re 
trying  to  drive  that  up.” 

Licensed  to  Save 

In  2000,  IT  managers  at  Burlington  Re¬ 
sources  Inc.  were  given  an  ultimatum 
by  top  brass:  Cut  its  geological  soft¬ 
ware  licensing  costs,  or  the  company 
would  outsource  the  management  of 
those  applications.  “It’s  amazing  what 
kind  of  motivation  that  can  be,”  says 
Dan  Shearer,  manager  of  technology 
enhancement  at  the  Houston-based 
energy  company. 

After  hiring  a  consultant  to  help  the 
company  get  its  arms  around  its  soft¬ 
ware  licensing  agreements,  IT  manag¬ 
ers  at  Burlington  Resources  discovered 
that  many  of  its  licenses  were  under¬ 
used  or  unused.  In  2001,  the  company 
began  deploying  software  from  Open 
IT  Inc.  in  Houston  to  monitor  its  use 
of  high-end  software  for  global  oil  and 
gas  exploration. 

The  monitoring  software  has  helped 
Burlington  Resources  pinpoint  which 
geological  software  is  being  used  in 
which  offices  and  by  whom,  says  Shear¬ 
er,  and  that  has  highlighted  opportu¬ 
nities  for  savings.  For  example,  prior 
to  deploying  Open  IT,  Burlington  Re¬ 
sources  was  licensing  geological  soft¬ 
ware  only  on  a  local  basis,  he  says.  By 
shifting  to  a  mix  of  regional  and  global 
software  licenses,  the  company  was 
able  to  reduce  its  software  expenses  by 
$5  million  between  2002  and  2005. 

“It  was  quite  shocking,”  says  Shearer. 
“No  one  was  prepared  for  this  [license¬ 
monitoring  tool]  to  work  as  well  as  it 
did.” 

Burlington  Resources  has  been  able 
to  channel  all  the  savings  into  discre¬ 
tionary  projects,  including  the  develop¬ 
ment  of  an  environmental  health  and 
safety  system  and  a  learning  manage¬ 
ment  system  that  was  on  the  verge 
of  being  abandoned.  “That  project 
never  would  have  made  it  if  the  dollars 
weren’t  available,”  says  Shearer.  “It  was 
at  the  bottom  of  the  queue.”  » 
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us  Research  Inc., 
Wellesley,  Mass. 


Savvy  CIOs  and  IT 
consultants  fre¬ 
quently  point  out 
the  need  for  good 
communication 
between  IT  and 
business  professionals.  Some  IT  ex¬ 
ecutives  take  this  recommendation 
a  step  further  and  actively  market 
an  IT  department’s  capabilities  to 
senior  business  leaders  via  service 
catalogs  and  other  techniques. 

Perhaps  that  helps  explain  why 
half  of  the  60  IT  and  business  exec¬ 
utives  who  responded  to  a  February 
online  survey  conducted  by  Nucleus 
Research  cited  IT  marketing  as  the 
most  important  skill  they  need  to 
develop  within  their  staffs. 

Computerworld's  Thomas  Hoff¬ 
man  spoke  with  Rebecca  Wette¬ 
mann  about  the  types  of  skills  that 
survey  respondents  say  are  in 
strongest  demand  and  the  reasons 
behind  this. 


Why  are  IT  marketing  skills  in  such  high 
demand?  I  think  really  being  able  to  promote 
what  you're  doing  is  becoming  an  important  skill 
to  develop. 

Plus,  the  need  to  develop  people  skills  is  be¬ 
coming  more  and  more  important. 


Yet  34%  of  respondents  cited  IT  strat¬ 
egy  and  planning  as  the  most  important 
nontechnical  skills  to  develop.  With 
the  increased  focus  on  [service-oriented 
architecture],  many  IT  managers  are  asking 
how  they  can  focus  their  resources  most  ef¬ 
fectively.  It’s  a  more  structured  focus  because 
SOA  is  enabling  people  to  get  out  of  the  code¬ 
building  race  and  leverage  what  they’ve  built 
to  provide  greater  value  to  the  company. 

Two-thirds  of  the  respondents  said 
help  desk  skills  are  the  most  important 
technical  skills  needed  in  the  IT  team. 
Why  is  that?  As  end  users  use  more 
applications,  they  may  be  having  more  of 
their  work  tied  to  using  these  applications. 
And  as  companies  get  more  involved  with 
security  provisions,  they’re  making  sure  the 
help  desk  gets  more  involved  in  supporting 
end  users. 

When  asked  which  IT  position  is  most 
difficult  to  hire  for,  the  highest  number 
of  respondents  -  33%  -  said  systems 
integration.  How  come?  I  think  it’s  hard  to 
find  those  people  because  those  skills  are  in 
such  high  demand  right  now. 

How  do  you  respond  to  skeptics  who 
insist  that  despite  research  that  cites 
strong  demand  for  technology  skills 
such  as  Java  and  .Net,  many  people 
with  those  skills  are  unemployed  or  un¬ 
deremployed?  The  actual  technology  skills 
are  very  important,  but  so  are  the  business 
management  and  project  management  skills 
that  go  with  them. 

It’s  a  three-legged  stool.  Yes,  you  need 
.Net  and  Java  skills,  but  have  you  developed 
the  business  management  and  project  man¬ 
agement  skills  to  map  out  a  project  plan  or 
work  effectively  with  a  project  team? 
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That’s  what  IT  pros 
have  to  do  with  the 
Milken  Institute’s 
Best  Performing  Cit¬ 
ies  ranking  of  the 
200  largest  U.S.  met¬ 
ropolitan  areas.  The 
think  tank  lists  the 
locales  based  on  five- 
and  one-year  growth 
in  jobs,  salaries 
and  gross  domestic 
product. 

But  if  you  check 
out  the  chart  on  the 
Milkenlnstitute.org 
Web  site,  be  sure 
to  scroll  over  to 
the  column  for  the 
“2004  high-tech  GDP 
location  quotient,”  a 
measure  of  high-tech 
concentration.  Do 
that,  and  No.  1  Palm 
Bay-Melbourne- 
Titusville,  Fla.,  still 
looks  pretty  good,  with  a  high-tech 
GDP  LQ  ranking  of  13.  But  Nos.  2 
through  5  on  the  Best  Performing 
Cities  list  all  drop  below  No.  100 
in  the  high-tech  GDP  LQ_ranking. 


High-Tech  Heaven 


Top  large  U.S.  metropolitan 
areas  for  high-tech  concentration, 


2004  (overall  ranking  is  in 
parentheses) 

1.  San  Jose-Sunnyvale- 
Santa  Clara,  Calif.  (185) 

2.  Boulder,  Colo,  (92) 

3.  Cambridge-Newton- 
Framingham,  Mass.  (142) 

4.  Durham,  N.C.  (106) 

5.  Huntsville,  Ala.  (28) 

6.  Seattle-Bellevue-Everett, 
Wash.  (127) 

7.  Albuquerque  (43) 

8.  Wichita,  Kan.  (189) 

9.  Colorado  Springs  (71) 

10.  Essex  County,  Mass.  (116) 


SOURCE:  MILKEN  INSTITUTE, 
SANTA  MONICA,  CALIF. 


Conversely,  metro 
San  Jose,  No.  1  in  high- 
tech  concentration,  is 
only  185  overall. 

Some  happy  me¬ 
diums  can  be  found: 
Huntsville,  Ala.,  is 
No.  28  overall  and 
No.  5  in  high-tech 
concentration,  and 
Albuquerque  ranks 
43rd  and  seventh, 
respectively.  But  be¬ 
fore  you  plan  a  move, 
keep  some  other  fac¬ 
tors  in  mind.  Both 
Huntsville  and  Albu¬ 
querque  are  relative¬ 
ly  small  metro  areas, 
and  Huntsville’s 
concentration  of 
high-tech  is  almost 
entirely  due  to  the 
presence  of  NASA. 

The  chart  is  inter¬ 
active,  so  just  click 
on  any  category  to  get  rankings. 

Milken  calls  its  report  the  2005 
Best  Performing  Cities,  but  all  data 
is  from  2004. 

— Jamie  Eckle 
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Confident,  Yes,  but  Let’s  Not  Get  Cocky 

IT  workers  are  almost  giddy  with  confidence,  according  to  the  Hudson 
Employment  Index.  The  index  is  calculated  monthly  for  the  U.S.  as  a  whole, 
for  various  regions  and  cities,  and  for  several  industries.  IT’s  confidence 
level  for  March  2006  towers  above  that  of  any  other  category,  whether  it 
be  an  industry  or  a  geographic  area.  A  look  at  IT  workers’  answers  to  three 
of  the  survey  questions  gives  you  an  idea  of  why  they’re  so  self-assured: 


Are  you  worried 
about  losing  your  job 
anytime  soon? 


Generally  speaking, 
are  you  happy  with 
your  current  job? 


BASE:  IT  EMPLOYEES  AMONG  9.442  WORKING  AMERICANS  SURVEYED  BY  PHONE 
SOURCE:  HUDSON  HIGHLAND  GROUP  INC..  APRIL  2006 


Over  the  course  of  the 
next  few  months,  will  your 
company  be  hiring  more 
workers,  laying  off  work¬ 
ers,  or  making  no  change 
in  the  workforce? 


Laying  off: 

18.8% 


No  opinion: 

5.8% 


;| 


n  June  5th,  227 Laureates 
from  23  countries  will  be 
honored  at  the  largest  global 
IT  award j  program. 

The  Computerworld  Honors  Program  recognizes 
individuals  and  organizations  from  around  the 
world  for  their  visionary  use  of  Information 
Technology  to  benefit  society.  The  top  technology 
leaders  of  the  world  come  together  in  June  in 
Washington,  D.C.,  to  honor  these  Laureates 
for  their  accomplishments. 

You’ll  find  exclusive  coverage  of  this  annual  event, 
including  profiles  of  Honoree  organizations,  online 
at  Computerworld.com  beginning  June  6  and  in 
print  in  Computerworld’s  June  12  issue. 

For  more  information  on  the  Computerworld 
Honors  Program,  visit  www.cwhonors.org. 
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Ooebel  to  Head  IT 
At  DHL  Express 

DHL  International  Ltd.,  a 
Plantation,  Fla.-based  express 
delivery  and  logistics  company, 
has  appointed  MARYANN  GOE¬ 
BEL  CIO  for  DHL  Express  in  the 
Americas/Asia-Pacific  region 
and  emerging  markets/Latin 
America.  Goebel  was  formerly 
CIO  at  General  Motors  North 
America. 


Hackenson  Chosen 
CIO  at  Lucent 

ELIZABETH  HACKENSON  has 
joined  Lucent  Technologies 
Inc.  in  Murray  Hill,  N.J.,  as  CIO. 
Hackenson,  who  previously  held 
a  similar  position  at  MCI  Inc., 
has  more  than  25  years  of  expe¬ 
rience  in  IT,  with  the  past  12  in 
the  telecommunications  industry. 
She  replaces  Ruth  Bruch,  who 
left  Lucent  recently  for  a  posi¬ 
tion  at  Kellogg  Co. 


TicketsNow  Hires 
Giannantonio  as  CTO 

TicketsNow,  a  Chicago-based 
online  marketplace  for  event 
tickets,  has  chosen  FRANK 
GIANNANTONIO  as  chief  technol¬ 
ogy  officer.  Previously,  Giannan¬ 
tonio  was  CIO  at  Lands’  End 
Inc.  and  Victoria’s  Secret  Direct 
LLC/The  Limited  Inc. 


Hartford  Life  Group 
Hires  Esposito 

The  Hartford  Financial  Services 
Group  Inc.  in  Hartford,  Conn., 
has  named  MARK  ESPOSITO 
as  CIO  for  its  individual  life 
division.  Esposito,  who  is  also 
vice  president  and  director  of 
business  technology,  will  be  a 
member  of  the  senior  planning 
group,  which  helps  set  direction 
for  the  division. 


Jenks  Named 
CIO  at  Safeco 

Safeco  Corp.,  an  insurance 
company  in  Seattle,  has  named 
WILLIAM  JENKS  CIO.  Jenks 
most  recently  served  as  execu¬ 
tive  vice  president  and  CIO  for 
worldwide  operations  at  Publicis 
Groupe  SA  in  Paris. 
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PAUL  GLEN 

How  to  Learn 
With  Peers 


LAST  MONTH,  I  wrote  about  a  missed  oppor¬ 
tunity  for  learning  that’s  sadly  too  common 
among  IT  managers.  While  many  believe 
that  a  career  in  management  requires  a  com¬ 
mitment  to  continuous  learning,  they  often 
miss  out  on  chances  to  glean  ideas,  insights  and  tech¬ 
niques  for  leadership  from  their  peers. 

For  a  variety  of  reasons,  they  are  unable  or  unwilling 
to  share  experiences  of  success  and  failure  with  their 
colleagues.  Posturing  and  perceptions  of  competitive 
pressures  interfere  with  some  of  the  most  potentially 
productive  relationships  in  the  workplace. 


But  how  do  you,  as  a  man¬ 
ager,  foster  an  environment 
that  encourages  and  facili¬ 
tates  these  exchanges?  Below, 

I  have  gathered  some  of  my 
own  ideas  and  have  mixed  in 
some  from  your  peers  who 
read  Computer-world  who 
have  generously  shared  their 
experiences. 

Have  weekly  meetings  with¬ 
out  the  boss.  Let’s  be  honest 
—  open  discussions  of  chal¬ 
lenges  and  failures  are  less 
likely  to  take  place  when  the 
guy  who  writes  everyone’s 
salary  review  is  sitting  there 
with  a  notepad.  For  peers  to 
behave  as  a  group,  they  need 
time  away  from  the  official 
authority  figure.  They  need 
to  have  a  sense  of  mutual 
trust  that  can’t  form  in  the  absence  of 
time  alone  together. 

At  these  meetings,  they  should  review 
current  situations  and  use  the  oppor¬ 
tunity  to  discuss  experiences  and  find 
solutions.  If  the  meetings  become  only 
discussions  of  experience  and  theory, 
then  they  will  be  considered  less  impor¬ 
tant  and  ultimately  will  die  from  lack  of 
participation. 

Institute  brown-bag  lunches  with  topic 
discussions.  Although  it’s  important  to 
keep  meetings  focused  on  practical  mat¬ 


ters,  a  dose  of  theory  is  still 
useful,  too.  Set  aside  a  few 
of  the  meetings  to  explicitly 
discuss  an  article  or  idea. 
Select  a  couple  of  newspa¬ 
per  or  magazine  columns 
or  even  a  Harvard  Business 
School  case  study  and  have 
a  go  at  open  conversation.  A 
good  discussion  of  theory 
can  help  people  make  sense 
of  their  experiences  and  en¬ 
vironments. 

Assign  a  task  force  of  peers 
to  oversee  a  change  initiative. 

But  be  forewarned:  In  my 
experience,  when  a  group 
of  colleagues  is  asked  to 
oversee  a  change  initia¬ 
tive  that  affects  all  areas 
of  responsibility,  there  are 
three  general  patterns  of 
group  dynamics: 

■  They  cohere  as  a  group  and  really 
learn  a  great  deal  about  one  another  and 
their  organization,  succeeding  magnifi¬ 
cently. 

■  They  cohere  as  a  group  and  agree 
to  sabotage  the  effort  together,  learning 
little  besides  how  to  obstruct  change. 

■  They  wallow  around  waiting  for 
someone  to  take  the  lead,  making  little 
progress. 

When  this  strategy  works  well,  it’s 
fantastic.  But  getting  some  outside  help 


from  a  consultant  or  other  facilitator  can 
improve  the  chances  of  having  a  valuable 
peer-to-peer  learning  experience. 

Disclose  your  own  failures  and  ask  others 
to  disclose  theirs.  People  learn  a  lot  more 
from  failure  than  they  do  from  success. 
Most  people  who  have  great  success 
don’t  really  know  why  they  succeeded; 
they  just  know  that  they  did.  They  may 
delude  themselves  into  believing  that 
they’ve  discovered  some  secret  method¬ 
ology,  but  they  usually  can’t  reproduce 
the  results. 

But  failure  is  a  great  teacher  if  one 
makes  the  effort  to  absorb  its  lessons. 
Sharing  experiences  of  failure  not  only 
helps  to  process  the  lessons  but  also 
helps  to  create  an  environment  of  trust 
in  which  it’s  safe  to  admit  that  no  one  is 
perfect. 

Encourage  participation  in  associations. 

Not  all  peers  are  members  of  the  same 
company.  Sharing  with  peers  from  the 
industry  is  often  less  threatening  than 
sharing  with  perceived  competitors  in¬ 
side  the  company. 

Shop  around  and  learn  about  which 
local  chapters  and  national  associations 
—  such  as  the  Project  Management  Insti¬ 
tute  or  the  Society  for  Information  Man¬ 
agement  —  are  available  in  your  area. 

In  IT,  we  are  generally  introverted,  so 
looking  for  connections  outside  of  work 
isn’t  necessarily  second  nature.  Remem¬ 
ber  that  what  you  get  out  of  an  associa¬ 
tion  is  often  proportional  to  what  you 
put  in,  so  try  out  a  few  and  find  a  place 
where  you  can  both  contribute  and  learn. 

Attend  outside  courses  designed  to  help 
peers  learn  together.  There  are  a  few  pro¬ 
grams  designed  to  encourage  this  type 
of  learning,  ranging  in  length  from  a  few 
days  to  a  year  or  more. 

It  is  possible  for  IT  managers  to  over¬ 
come  the  natural  tendency  to  isolate 
themselves  from  their  peers,  but  it  takes 
time  and  patience. 

If  you  can  begin  to  take  advantage  of 
these  kinds  of  opportunities,  everyone 
benefits.  * 

WANT  OUR  OPINION? 

OFor  more  columns  and  links  to  our  archives  go  to: 

www.computerworld.com/columns 


PAUL  OLEN  is  the  director 
of  the  Developing  Technical 


Leaders  program  (www. 
developingtechnicalleaders. 
com)  and  author  of  the  award¬ 
winning  book  Leading  Geeks: 
How  to  Manage  and  Lead 
People  Who  Deliver  Technol¬ 
ogy  (Jossey-Bass,  2002). 

Contact  him  at 
info@paulslen.com. 
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SPECIAL  REPORT 


Siebel  sells  out  to  Orac^ 

Oracle  today  announced  its  seco'-' 
in  just  9  months,  this  time  ' 
agreed  on  a  deal  »•’ 
share.  Re»'> 

WHAT'S  I 


The  No.  1  Enterprise  IT  Web  site  just  got 

Faster 

Richer 

Deeper  ; 

...  and  a  little  more  colorful. 


PROGRAMMER  ANALYST, 

Multiple  Openings.  Alpharetta, 
GA  and  various  unanticipated 
client  sites  throughout  the  U.S. 
Analyze,  design,  develop,  modify 
and  implement  software/systems 
applications  in  a  client/server 
environment;design,  implement 
and  maintain  various  programming 
and  operating  systems;  work  in 
a  team  environment  testing  and 
developing  software/systems 
applications  in  accordance  with 
project  specifications;  will  work 
under  the  close  supervision  of 
the  project  manager;  Minimum 
of  a  Bachelor's  Degree  or  equivalent 
in  Computer  Science,  CIS,  Engg, 
Math.,  Electronics,  Business, 
Management,  Techn.  or  related 
field  required;  position  requires 
extended  travel  and/or  relocation. 
Two  (2)  years  prior  professional 
experience  in  software  design  and 
development  necessary.  Attractive 
compensation  package.  Mail  resumes 
to:  Jireh  Solutions,  LLC,  Job 
#PA02,  1091  Cambridge  Square, 
Suite  A,  Alpharetta,  GA  30004. 


Career  opportunities  CA  &  various 
sites  as  necessary  for  Jr,  Sr,  Lead 
Programmer  Analysts:  analyze, 
design,  develop  &  maintain 
mainframe  &  multi-tier  arch  systems. 
Req:  MS  or  BS  (or  foreign  equiv)  in 
Science,  Engg,  Business  Admin  or 
related,  and  1  to  5  yrs  exp  in  various 
fields  such  as  COBOL,  DB2,  IMS, 
CICS,  MVS,  JCL,  COOLGEN, 
COGEN,  VB.Net,  ASP.Net,  C#, 
SQL,,  COM+,  ORACLE,  PSP, 
Java,  EJB,  J2EE,  RUP,  EAI  tools 
like  MQ  Series,  Vitria  etc.,  Data 
warehousing  and  ETL  tools  like 
Cognos,  Informatics,  Micro-strategy, 
Enterprise  level  Systems  Admins  for 
Windows  and  UNIX.  Mail  resumes 
to:  Prelude  Systems  Inc,  P.O. 
Box  5558,  Diamond  Bar,  CA 
91765  or  post  your  resume  at 
http://  careers.preludesys.com. 


Programmer  Analysts  (P/A)  & 
Software  Engineers  (S/E)  for 
Charlotte,  NC.  P/A  Develop  software 
using  VB,  Crystal  Reports,  Delphi, 
ASP,  XML,  Coolgen,  Interwoven, 
Oracle,  PL/SQL,  Developer  2000 
&  Designer  2000.  Bachelors  or 
Equivalent  req'd  in  Computers,  Eng, 
Math  or  related  field  +  2yrs  of  related 
exp.  S/E:  Design  &  Test  software 
apps  using  C,  C++,  VB,  Delphi,  ASP, 
XML,  UML,  .Net,  VB.Net,  ASP.Net, 
Oracle,  Developer  2000  &  Designer 
2000;  Masters  or  Equivalent**  req'd 
in  Computers,  Eng,  Math  or  related 
field  +  1  yr  of  related  exp.  (**Eqv: 
Bachelors  or  Eqv.  +  5  yrs  of 
progressive  related  work  exp.). 
Must  have  legal  authority  to  work 
permanently  in  the  U.S.  Send 
resumes  to  HR,  Masterminds  Global 
Solutions,  LLC  2520  Sardis  Road 
N,  Ste  234,  Charlotte,  NC  28227. 


Software  Engineer,  Sr.  w/Masters 
or  foreign  equvl  in  Comp  App  or 
Comp  Sci  or  Engg  &  1  yr  exp  to 
research,  analyze,  design,  code, 
test  &  maint.  multi-  tier  transactional 
web-based  &  client  server  appl 
using  .Net  Framework,  C#,  ASP.Net, 
Java,  Visual  C++.  PL/SQL  &  Sybase. 
Analyze  the  buss  reqmnts  to 
determine  the  technical,  time  &  cost 
feasibility.  Design  &  implmnt  the  n-tier 
system  architecture  using  Visio, 
Rational  Rose,  Visual  Studio.Net  & 
DBArtisan.  Interact  w/end  users. 
Mail  res.  to:  Open  Systems 
Technologies.  225  West  34th  St  Ste 
1715,  NY,  NY  10122.  Job  Loc:  NYC 
or  in  any  unanticipated  loc  in  the  USA. 


Programmer-Analyst:  for  Shipping 
Company  in  Iselin,  NJ  .To 
design,  develop  test,  implement 
applications  for  the  shipping 
industry  using  C,  C++,  Visual 
Basic,  Oracle  in  Unix  and  Win  NT 
environment;  utilize  Info-X  Web 
based  system  to  provide  data 
&  documentation  management; 
implement  end  to  end  solutions  for 
NVOCC  and  Freight  Forwarders  in 
US,  Europe  and  Asia;  coordinate 
database  administrative  function, 
interface  standards,  perform 
systems  integration,  networking 
&  troubleshooting.  Req  Bachs 
or  Foreign  Eqvlt  in  Sci  or  Engg 
w/2  yrs  exp  in  the  duties  listed. 
Extensive  travel  reqd.  Reply: 
Job  #PA01  to  CMS  Shipping 
Agency  Inc.  Attn:  HRD,  200 
Middlesex-Essex  Turnpike, 
Suite  304,  Iselin,  NJ  -  08830 


Programmer  -  Technical  Analyst. 
Maintain  and  write  Intranet  / 
Extranet  software  using 
ColdFusion,  SQL,  JavaScript, 
CSS,  HTML;  perform  Windows 
&  Linux  Server  administration 
tasks;  write  automation  programs. 
Edit  video  to  create  DVDs. 
Must  have  B.S.  in  Computer 
Science  or  related  plus  2  yrs 
exp  in  SQL  programming, 
ColdFusion,  JavaScript,  HTML, 
script  automation,  and  working 
in  mixed  network  environment. 
Send  resume:  Chappell  Studio, 
Inc.,  Attn:  David  McCan,  2280 
West  Tyler,  Fairfield,  IA  52556. 


Computer: 

Software  Engineer  & 
Programmer  Analyst: 
Software  Quality  Leaders, 
Inc.  Resume  Director 
3150  De  La  Cruz  Blvd., 
#138,  Santa  Clara,  CA 
95054  or  email 
openjobs@softql.com 


Systems  Administrator: 

Needed  to  install  new  software 
releases  &  system  upgrades. 
Perform  system  backups  & 
recovery.  Maintain  data  files  & 
monitor  system  configuration 
to  ensure  data  integrity. 
Bachelor's  degree  in  MIS,  CIS 
or  Bus.  Admin.  +  6  mos.  Exp. 
req'd.  Put  job  code  SA11  on 
resume  and  send  to:  LJA 
Engineering  &  Surveying,  Inc., 
Attn:  HR,  2929  Briarpark  Dr., 
Suite  600,  Houston,  TX  77042. 


Video  Products  Distributors  (VPD) 
is  looking  for  system  analyst  to 
develop  and  code  programs, 
design  special  applications  for 
VPD  business.  Minimum  is  MS  or 
BS  with  5-yr  IT  exp  using  Unix, 
ICL/VME,  CSP,  RPG,  Java.  Please 
send  resume  to  150  Parkshore  Dr., 
Folsom,  CA  95630. 

Emergtech  Business  Solutions 
seeks  Computer  Professionals 
(system  analyst,  DBA,  software 
engineer)  customize  applications. 
Req  MS/BS  (equiv)+1-5yr  exp.  IT 
experience  in  C/C++,  Oracle,  SQL, 
VB,  etc  is  a  plus.  Travel  maybe 
required.  Send  resumes  to 
hr@emergtechinc.com. 


Witness  Systems,  Inc.  is  seeking 
a  Computer  Systems  Analyst 
(Senior  Technical  Support  Analyst) 
for  its  Santa  Clara,  CA  location 
to  provide  staff  and  users  with 
assistance  solving  computer 
related  problems,  problem  tracking, 
diagnosis,  replication,  troubleshooting, 
and  resolution  of  technical 
product  issues.  Must  have  a 
Master's  degree  or  equivalent 
in  Computer  Science  or  similar 
field  plus  one  year  of  experience 
in  the  related  occupation  of 
testing  and  tech  support.  Salary 
commensurate  with  experience. 
Send  cover  letter  and  resume  to 
Lisa  Franck,  Witness  Systems, 
Inc.,  Job  #  Computer  Systems 
Analyst  (Senior  Technical  Support 
Analyst),  300  Colonial  Center 
Parkway,  Roswell,  GA  30076 


Engineers,  integration  (Systems 
Analysts)  sought  by  Quovadx, 
Inc.  for  its  Dallas,  TX  office 
to  analyze,  evaluate  and 
recommend  solutions  using 
Cloverleaf  in  UNIX  and 
Windows  environments.  Requires 
BS  in  Computer  Science/related 
field  +  2  yrs  exp.  Submit  resume 
to  Susanne  Pulver  at  7600 
East  Orchard  Rd.,  Suite  300S, 
Greenwood  Village,  CO  80111. 


Software  Engineer: 
360  Degree  Web,  Inc. 
in  Santa  Clara,  CA. 

Mail  President 
3100  Patrick  Henry 
Drive,  Santa  Clara,  CA 
95054 


Software  Engineer  /  Web 
Designer  -  for  research, 
design,  and  development 
of  multimedia  /  web  services, 
including  3D  animation 
and  illustration.  Refer  to 
Job  #  NS028  and  reply  to: 
officemanager@nitrostream. 
com  or  Nitrostream,  Inc. 
2818  Stonecrest  Way, 
San  Jose,  CA  95133. 


Labor 

Certification 

Ads 


Are  you  an  individual,  agency  or 
law  office  needing  to  place  ads 
to  fulfill  legal  requirements? 

Let  us  help  you  put  together  an 
efficient,  cost  effective  program 
that  will  help  you  place  your  ads 
quickly  and  easily. 

For  more  details,  contact  us  at: 
800.762.2977 

iTlcareers 


Find  out  how  to  get  the  most  out  of 
your  job  search  and  your  career. 


Computerworld’s 
Careers  Knowledge 
Center 
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Get  the  latest  industry  news,  as  well 
as  valuable  job-  seeking  and  career 
enhancement  advice. 


Read  about  IT-related  issues  such  as: 

-  Hiring/recruiting 

-  Education/training 

-  Consulting/contracting 

-  Skills 


Remember,  knowledge  is  power, 
and  the  Careers  Knowledge  Center 
is  the  place  to  get  it! 


Go  to  www.computerworld.com  today. 
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Sun 


said  Sun  has  too  many  layers 
of  managers  that  have  to  get 
involved  in  decisions  on  sales 
issues  —  a  problem  that  has 
persisted  for  years.  “The  sales¬ 
man  had  to  go  talk  to  his  boss, 
his  boss  had  to  talk  to  his  boss, 
and  then  his  boss  talked  to  his 
boss  —  and  then  the  decision 
would  trickle  down,”  Thomas 
said.  “When  you  want  an  an¬ 
swer,  you  want  an  answer.” 

Daniel  Grim,  executive 
director  of  networks  and 
systems  at  the  University  of 
Delaware  in  Newark,  called 
on  Schwartz  to  improve  the 
support  for  Solaris  running 
on  Sun’s  Opteron-based  x64 
systems  among  independent 
software  vendors. 

“I’d  like  to  have  a  better 
understanding  of  what  their 
strategic  directions  really  are 
relative  to  Sparc  vs.  Opteron,” 
Grim  said.  “We’re  excited 
about  the  Opteron-based  sys¬ 
tems,  but  we  also  like  to  run 
Solaris,  and  we  don’t  see  [inde¬ 
pendent  software  vendors]  fol¬ 
lowing  Solaris  onto  Opteron.” 

Grim  added  that  having 
Linux  available  on  the  x64  line 
isn’t  a  big  selling  point  for  Sun 
in  his  IT  shop.  “We  can  buy 
machines  that  run  Linux  from 
lots  of  people,”  he  said. 

Schwartz’s  Burdens 

Concerns  such  as  the  ones 
voiced  by  Thomas  and  Grim 
are  now  entirely  Schwartz’s 
problem.  He  was  named  to 
replace  McNealy  —  one  of 
the  most  combative,  colorful 
and  outspoken  vendor  execu¬ 
tives  in  the  IT  industry  —  as 
CEO  on  the  same  day  that  Sun 
reported  a  net  loss  of  $217  mil¬ 
lion  for  its  third  quarter. 

However,  revenue  grew  21% 
year  over  year  to  $3.18  billion. 
That  was  partly  a  result  of  the 
addition  of  revenue  from  Stor¬ 
age  Technology  Corp.,  which 
Sun  bought  last  August.  The 
growth  prompted  McNealy  to 
say  that  the  company’s  opera¬ 


tions  have  been  “stabilized”  af¬ 
ter  years  of  financial  struggles. 

McNealy  has  said  in  the  past 
that  he  and  Schwartz,  who 
previously  was  Sun’s  president 
and  chief  operating  officer, 
were  “joined  at  the  hip.”  And 
during  a  joint  conference  call 
last  week,  McNealy  —  who 
will  continue  as  Sun’s  chair¬ 
man  and  remain  a  full-time 
employee  —  said  that  the  two 
executives  are  still  “highly 
aligned”  strategically. 

But  analysts  said  that  if 
Schwartz  wants  to  hold  on  to 
the  CEO  job,  he  will  have  to 
give  Wall  Street  what  McNealy 
hasn’t  been  able  to  deliver  since 


[Sun’s]  sales¬ 
man  had  to  go 
talk  to  his  boss,  his 
boss  had  to  talk  to 
his  boss,  and  then 
his  boss  talked  to 
his  boss  -  and  then 
the  decision  would 
trickle  down. 

SAM  THOMAS,  IS  SUPERVISOR. 
CITY  OF  OAKLAND,  CALIF. 


the  end  of  the  dot-com  boom: 
consistent  profitability. 

The  CEO  change  “indicates 
that  the  financial  market  had 
finally  come  to  the  end  of  [its] 
patience  more  than  anything,” 
said  Charles  King,  an  analyst 
at  Pund-IT  Inc.  in  Hayward, 
Calif.  “The  company  has  had 
a  really  tough  time  over  the 
last  three  or  four  years.”  King 
called  Schwartz,  who  is  40,  “a 
conventional  choice”  for  Sun. 

“This  is  a  stay-the-course 
signal,”  agreed  Rob  Enderle, 
an  independent  analyst  in  San 
]ose.  “In  fact,  the  real  question 
may  be  whether  there  is  really 
any  change  at  all,  since  the 
reporting  relationships  remain 
very  similar.” 

However,  Schwartz  said  he 
plans  to  conduct  a  “compre¬ 
hensive  review”  of  all  aspects 
of  the  company  over  the  next 
two  months,  leading  into  the 
start  of  Sun’s  next  fiscal  year. 
“We’re  going  to  be  making  sure 
we’re  aligning  the  organiza¬ 
tion  for  growth,”  he  said. 

Schwartz  emphasized  the 
importance  of  research  and 
development,  on  which  Sun 
spends  about  $2  billion  annu¬ 
ally.  And  regarding  the  issue 


I  don’t  think 
there  will  be 
much  of  an  alarm 
over  this  change. 

It  would  have  been 
quite  the  opposite 
if  the  new  CEO 
was  coming  from 
outside  of  Sun. 

USA  SAICH0MP00,  SOFT¬ 
WARE  AND  SYSTEMS  MANAGER, 
UNIVERSITY  OF  NEVADA,  RENO 


of  possible  workforce  cuts,  the 
new  CEO  said  the  purpose  of 
the  planned  review  is  “not  to 
figure  out  how  to  take  a  whack 
at  head  count.”  But  he  added 
that  Sun  will  do  some  “prun¬ 
ing”  of  operations  that  aren’t 
yielding  returns. 

Schwartz  announced  some 
immediate  changes  last  week. 
He  said  that  Greg  Papado- 
poulos,  who  has  been  Sun’s 
chief  technology  officer,  will 
be  executive  vice  president 
of  research  and  development. 
Schwartz  also  said  there  will 
be  an  increased  emphasis  on 
executive  teamwork;  for  exam¬ 


ple,  he  plans  to  share  an  office 
with  Mike  Lehman,  Sun’s  chief 
financial  officer. 

The  choice  of  Schwartz  to 
replace  McNealy  was  com¬ 
forting  to  Lisa  Saichompoo, 
software  and  systems  manager 
at  the  University  of  Nevada, 
Reno.  “I  don’t  think  there  will 
be  much  of  an  alarm  over  this 
change,”  she  said.  “It  would 
have  been  quite  the  opposite 
if  the  new  CEO  was  coming 
from  outside  of  Sun.” 

But  Saichompoo  did  have 
a  suggestion  for  Schwartz: 
Maintain  the  company’s  focus 
on  developing  its  x64  servers. 

Neal  Tisdale,  another  x64 
user,  said  that  Sun  needs  to 
improve  its  support  for  the 
Opteron-based  machines.  But 
he  praised  Schwartz’s  promo¬ 
tion  to  CEO. 

“I  think  it’s  a  great  change,” 
said  Tisdale,  who  is  vice  presi¬ 
dent  of  software  development 
at  Atlanta-based  NewEnergy 
Associates  LLC.  “[Schwartz] 
is  dialed  into  what  drives  this 
industry.”  * 


Robert  McMillan  of  the  IDG 
News  Service  contributed  to 
this  story. 


The  Time  Was  Right  for  a  Change  at  Sun,  McNealy  Says 


SCOn  McNEALY,  one  of  Sun’s  co¬ 
founders  and  the  company’s  CEO  for 
the  past  22  years,  was  adamant  last 
week  that  it  was  time  for  a  change 
at  the  top  -  and  that  it  was  his  call  to 
make  the  change. 

“This  was  my  decision  that  was 
supported  by  the  board,”  McNealy 
told  reporters  during  a  conference 
call  with  new  CEO  Jonathan  Schwartz 
last  Monday.  Sun’s  board  of  directors 
held  a  private  conference  call  of  its 
own  late  on  the  Friday  before  the 
change  was  announced,  McNealy  re¬ 
counted,  “and  I  said,  ‘Gang,  it’s  time.’  ” 

The  end  of  McNealy’s  tenure  as 
CEO  comes  under  less-than-ideal 
circumstances  -  Sun  has  either  lost 
money  or  been  barely  profitable 
since  2001.  But  McNealy  pointed  to 
Sun’s  revenue  growth  for  the  quarter 


that  ended  March  26  as  a  sign  that 
the  company  has  turned  the  corner. 

“I  wasn’t  going  to  hand  it  over 
when  the  thing  was  deteriorating 
postbubble,"  McNealy  said.  “Now 
we've  got  it  stabilized.”  He  also  said 
that  Sun  has  “fixed”  its  product  line 
through  steps  such  as  embracing 
Advanced  Micro  Devices  Inc.'s 
Opteron  processors  for  commod¬ 
ity  systems  and  introducing  its 
CoolThreads  line  of  high-density, 
multithreaded  servers. 

McNealy  gave  Schwartz  credit 
for  many  of  the  strategic  changes 
that  Sun  has  made  over  the  past  few 
years,  such  as  open-sourcing  Solaris 
and  adopting  a  per-employee  pricing 
model  for  the  company’s  Java  Enter¬ 
prise  System  software. 

Schwartz  has  “been  calling  a  lot 


of  the  plays  over  the  last  couple  of 
years,”  said  Jonathan  Eunice,  an 
analyst  at  llluminata  Inc.  in  Nashua, 
N.H.  “This  is  his  architecture.  This  is 
his  strategy  that  Sun  is  playing.” 

In  addition,  Schwartz  has  won 
praise  for  implementing  layoffs  that 
McNealy  had  avoided.  “He  has  prov¬ 
en  he  can  deal  with  tough  situations 
managerially,”  said  Laura  Koetzle,  an 
analyst  at  Forrester  Research  Inc. 

But  Ovum  Ltd.  analysts  David 
Mitchell  and  Gary  Barnett  warned  in 
a  research  note  that  Schwartz  still 
“has  a  major  task  on  his  hands”  at 
Sun.  They  said  that  "dramatic  and 
painful  changes”  must  be  made, 
such  as  an  overhaul  of  the  compa¬ 
ny’s  software  portfolio  “that  has  to 
involve  a  good  deal  of  divestment.” 

“Sun  does  not  need  ‘more  of  the 


same,’  or  even  ‘a  gentle  touch  on  the 
wheel,’  ’’  Mitchell  and  Barnett  wrote. 
"Sun  needs  to  transform  -  and  the 
next  few  months  will  show  whether 
Schwartz  has  the  vision  and  the  abil¬ 
ity  to  take  the  hard  road  to  recovery.” 

However,  Schwartz  indicated  that 
he  won't  just  be  looking  to  make 
more  cuts.  “Are  there  acquisition  op¬ 
portunities  out  there?  Absolutely,”  he 
said  during  the  conference  call.  "We 
will  be  one  of  the  consolidators  in 
the  open-source  industry.” 

McNealy,  51,  is  getting  a  new 
job,  too.  He  will  be  chairman  of  Sun 
Federal  Inc.,  a  unit  that  handles  sales 
to  the  U.S.  government,  while  also 
remaining  chairman  of  Sun’s  board. 

-  ROBERT  McMiLLAN  AND 
ELIZABETH  M0NTALBAN0, 
IDG  NEWS  SERVICE 
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Surf  City 

MAYBE  you  saw  the  news  stories  last  week  —  the  ones 

with  headlines  like:  “Judge:  Web-Surfing  Worker 
Can’t  Be  Fired”  and  “Not  Unreasonable  for  City 
Workers  to  Surf  Web.”  One  enthusiastic  headline  read 
“Surf  to  Your  Heart’s  Delight.”  Great  stuff,  huh? 

The  news:  New  York  City  Administrative  Law  Judge  John  Spooner 
said  that  a  city  worker  should  be  reprimanded,  not  fired,  for  disobey¬ 
ing  his  boss’s  order  not  to  use  the  Web.  In  his  decision,  the  judge  com¬ 
pared  the  Internet  to  newspapers  and  phones,  something  “essential 
to  living  in  the  technological  world.” 

It  was  a  pretty  good  ruling.  But  unfortunately  for  the  headline 
writers,  Spooner  didn’t  rule  quite  what  those  headlines  said. 


In  fact,  the  headlines  were  almost  universally 
wrong.  Judge  Spooner  found  that  the  no-personal¬ 
surfing  rule  was  reasonable,  just  not  fairly  ap¬ 
plied.  And  whether  the  employee  will  be  fired 
isn’t  up  to  Spooner,  but  New  York  Schools  Chan¬ 
cellor  Joel  Klein.  And  the  judge  didn’t  declare 
any  universal  right  to  surf. 

Here’s  what  happened,  according  to  Spooner’s 
13-page  ruling:  Toquir  Choudhri,  a  14-year  vet¬ 
eran  of  New  York’s  education  department,  was 
accused  of  excessive  absence,  excessive  lateness, 
early  departures,  making  an  improper  leave  re¬ 
quest  and  disobeying  an  order  to  cease  using  the 
Internet  for  personal  business. 

Most  of  the  charges  were  thrown  out  —  the 
absences,  lateness,  early  departures  and  leave 
request  were,  it  turns  out,  all  within  acceptable 
department  limits.  And  Choudhri  was  the  only 
staffer  in  his  office  for  whom  the  “no  nonbusiness 
Internet  use”  rule  was  enforced,  even  though 
most  other  employees  broke  the  rule,  too. 

Smell  a  rat?  The  judge  did.  He  used  the  words 
“anger”  and  “spite”  to  describe  the  attitudes  and 
actions  of  Choudhri’s  supervisors. 

The  charges  were  trumped  up,  the 
judge  said. 

That  didn’t  excuse  Choudhri’s 
insubordination,  which  included 
answering  sarcastically  when  his 
boss  asked  about  his  Web  surfing. 

But  taken  with  other  mitigating  fac¬ 
tors  —  including  Choudhri’s  good 
work  history,  the  fact  that  he  only 
surfed  when  his  work  was  done  and 
his  admission  that  he  was  wrong  to 
disobey  orders  —  it  meant  Choudhri 
deserved  only  a  reprimand. 

Incidentally,  Judge  Spooner  also 
manages  IT  systems  for  his  own  de¬ 


partment,  New  York  City’s  Office  of  Administra¬ 
tive  Trials  and  Hearings  (OATH).  Yes,  really.  Un¬ 
til  2002,  he  even  ran  OATH’s  networks  himself. 
So  he  knows  about  network  capacity  utilization 
and  spam  and  viruses.  He’s  uniquely  qualified  to 
focus  on  technical  issues  relating  to  how  city  em¬ 
ployees  use  the  Internet. 

But  he  didn’t. 

Instead,  he  dug  into  questions  of  productivity 
(not  affected  by  the  nonbusiness  Web  surfing  in 
this  case,  he  concluded).  And  managerial  effec¬ 
tiveness  (undermined  by  Choudhri’s  insubordi¬ 
nation,  the  judge  said).  And  abuse  of  a  manager’s 
power  (singling  out  Choudhri  with  a  ban  on 
personal  Web  use  was  “harsh  and  arbitrary,” 
Spooner  determined). 

Those  were  the  real  issues.  The  business  is¬ 
sues.  The  ones  that  mattered. 

Those  are  also  issues  you  should  keep  in  mind 
the  next  time  someone  asks  IT  for  input  on  that 
slippery  question  of  employee  personal  use  of 
the  Internet.  Forget  hot-button  claims  that  it  de¬ 
stroys  productivity  and  demolishes  bandwidth 

—  or,  on  the  other  side,  that  it’s  every 
employee’s  right.  Figure  out  the  real 
technical  issues  for  your  networks. 
Then  factor  in  the  politics  and  per¬ 
sonal  agendas  that  always  play  into 
these  thing.  Then  answer. 

The  result  won’t  be  some  simple, 
elegant  principle.  It’ll  likely  be  a 
kludgy  statement  like:  “Personal 
Web  surfing  is  OK  with  IT  as  long  as 
it  doesn’t  reduce  productivity,  clog 
the  network  or  cause  other  prob¬ 
lems.  If  it  does  any  of  those  things, 
it’s  no  longer  OK.” 

That  makes  a  lousy  headline.  But 
it’s  a  pretty  good  rule. » 


FRAHK  HAYES,  Computer- 
world's  senior  news  columnist, 
has  covered  IT  for  more  than 
20  years.  Contact  him  at  frank. 
hayes@computerworld.coni. 


What  Did  You  Expect? 

It’s  thunderstorm  season,  and  when  the  power  goes 
out  at  one  branch  office,  the  uninterruptible  power 
supplies  kick  in,  everything  shuts  down,  and  this 
pilot  fish  waits  for  power  to  return.  And  waits.  And 
waits.  “Late  evening  sees  the  power  restored,  and 
we  go  about  bringing  the  network  back  to  life,”  says 
fish.  “Next  morning,  the  phone  rings.  It’s  a  very  irate 
corporate  admin  wanting  to  know  why  we  had  an 
unscheduled  outage  the  day  before.  I  calmly  explain 
about  the  storm,  which  I  had  no  control  over.  His 
response?  ‘Next  time,  put  it  on  the  schedule  before 
you  have  an  unexpected  outage!’  ” 


SHARK 

TANKi 


Aha! 

User  complains 
her  PC  is  dead 
-  even  Ctrl-Alt- 
Del  won’t  work. 

Support  pilot  Ash  stops 
by,  makes  sure  key¬ 
board  is  plugged  in,  hits  all  e-mail  from  her  boss 
Ctrl-Alt-Del,  and  the  log-  into  the  trash  and  de¬ 
in  prompt  pops  right  up. 

“I  pretty  much  wrote  the 
incident  off  as  ‘mechan- 


routes  showed 
that  the  e-mails 
were  being 
delivered.  But  a 
careful  review 
of  the  user’s  mailbox 
revealed  a  rule  that  put 


leted  it  after  24  hours.” 


Just  Like  it  Says 


ic’s  syndrome,’  where 
the  problem  doesn’t 
occur  in  the  presence 
of  a  mechanic,”  says 
fish.  “Later,  however, 
the  user  owned  up  to 
how  she  had  removed 
the  keys  from  the  key¬ 
board  in  order  to  clean 
it.  Seems  that  when 


Help  desk  pilot  fish 
fields  a  call:  “Is  the  time 
and  attendance  system 
down?”  Fish:  Did  you 
get  a  screen  saying  that 
the  application  was 
temporarily  unavail¬ 
able?  “Yes.”  Fish:  Then 
the  application  will  be 
unavailable  jiitil  further 


you  switch  the  Alt  key 
and  the  Windows  key, 
Ctrl-Alt-Del  no  longer 
works.” 

Wishful  Thinking 

Support  pilot  fish  gets 
a  frantic  call  from  an 
e-mail  user:  She’s  not 
getting  any  e-mails 
sent  by  her  boss,  so 
she  missed  a  very  im¬ 
portant  meeting.  “The 
boss  is  on  the  warpath 
and  blaming  the  mail 
servers,”  fish  says. 

“We  sent  several  test 
e-mails  from  the  boss’s 
mailbox  with  traces 
running,  and  the  trace 


notice.  “Oh,  OK.” 

- '  M '  H H if 1 8|  l 

Maybe  a  Hairpin 

This  retailer  has  a 
problem  with  pilfered 
equipment.  “Almost 
every  Monday,  there’s 
a  report  of  a  stolen  lap¬ 
top,”  sighs  a  pilot  fish 
there.  “  ‘But  I  locked  it 
in  my  credenza’  is  the 
typical  message.  Obvi¬ 
ously,  the  users  don’t 
know  that  there  are  just 
a  handful  of  keys  for 
typical  cubicle  furniture. 
To  find  one  that  has  a 
treasure  in  it,  all  a  thief 
needs  is  those  few  keys 


-  and  persistence. 
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OSHARKY’S  PERSISTENT  about  asking  for  true  tales 
of  IT  life.  Send  yours  to  sharky@computerworld. 
com,  and  you’ll  get  a  stylish  Shark  shirt  if  I  use  it.  And  check 
out  Sharky’s  blog,  browse  the  Sharkives  and  sign  up  for 
Shark  Tank  home  delivery  at  computerworl  Aom/sharky. 


.INFRASTRUCTURE  LOG 

.DAY  49:  Things  are  out  of  control.  Our  system  is 
just  not  secure,  flexible  or  reliable  enough.  Gil 
bought  some  “infrastructure  bloodhounds”  online.  He 
says  they  can  sniff  out  any  problem. 


Tivoli.  Express 


.DAY  50:  They  can’t.  But  IBM  Tivoli  Express  middleware 
can.  It’s  a  series  of  I.T.  management  solutions  designed 
and  priced  for  mid-sized  businesses.  Secure,  boosts 
uptime,  and  protects  our  data  with  automated  backups. 
We  even  got  help  customizing  and  implementing  it. 

.DAY  52:  Remind  Gil:  Bloodhounds  not  as  good  at  sniffing 
out  problems  as  they  are  at  chewing  Ethernet  cables. 


-  ■ 


.INFRASTRUCTURE  LOG 


_DAY  8:  I  give  up.  Our  infrastructure  is  so  inflexible. 
Our  apps  and  processes  don’t  work  together.  We  can’t 
respond  quickly  to  change.  It’s  out  of  control. 

_Gil  had  an  epiphany.  Duct  tape.  A  few  dozen  rolls  later 
and  he’s  integrated  everything,  and  everyone,  by  hand. 

_DAY  10:  Duct  tape  can  fix  many  things.  Basketballs. 
Sofas.  Doorknobs.  But  not  widespread  app  and  process 
inflexibility. 

_DAY  13:  I’ve  found  something  better:  IBM  WebSphere 
middleware.  It’ll  make  our  inf restructure  more  flexible 
by  seamlessly  integrating  our  apps.  We  can  change 
processes  in  a  snap  and  use  what  we  already  have — 
even  apps  from  SAP  and  Oracle.  And  with  IBM’s  industry- 
specific  expertise,  we’re  on  our  way  to  enabling  a 
service  oriented  architecture . 

_Hmmmm .. .WebSphere.  More  powerful  than  duct  tape. 


IBM,  the  IBM  logo  and  WebSphere  are  registered  trademarks 
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WebSphere, 


Download  our  IBM  SOA  Assessment  Tool  at: 

IBM.COM/TAKEBACKCONTROL/SOA 


INFRASTRUCTURE  LOG 


_DAY  35:  Whoa!  Came  in  today  and  found  a  black  hole. 
Information  goes  in  but  doesn’t  come  out.  This  is  bad. 

_DAY  36:  The  black  hole  just  sucked  in  three  interns. 
HR  is  not  pleased. 

_DAY  38:  I’ve  taken  back  control  with  IBM  Information 
Management  middleware.  It’s  built  on  open  standards. 
Totally  scalable.  Seamlessly  unites  all  our  critical 
information,  whatever  its  source.  Now  our  info  has 
real  business  value  that  can  help  spur  growth. 


_We  got  everything  back  from  the  black  hole.  Except 
the  interns. 


Information  Management 


See  innovative  IBM  Info  Management  solutions  in  action: 

IBM.COM/TAKEBACKCONTROL/INFOMGMT 
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